lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201610051207.6.dhcp2@psirt.cisco.com>
Date: Wed,  5 Oct 2016 12:07:02 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability

Advisory ID:  cisco-sa-20161005-dhcp2

Revision: 1.0

For Public Release: 2016 October 5 16:00  GMT

+------------------------------------------------------------------------------

Summary
=======
A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash.

This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5MVEP/3Vx+EYmJR06nN7u3bJ09QcL
rCM8WkIN1l65nJOsefcneDlPoLDnob31KznL81u7gXtXuOptUD2sT0TsDePwKatT
otvhVQEu10tzOmDwStDjhNO6q5fsrExFMrdD/GwU8ZSWUlffWfMT22Ov4o31qck1
rMtE5Qs7G9oaSVNA+CkXcQijdhnkgBs3C51CumSHB1R7HkZcNJdPU7bOlU5lgb9p
1kzg60E4owVThLiGoG9CwBYoW9EhhkiUQCDiPui/cyp2SFuUeGdcz+hpX48Uf/0+
/2t2cqmibN44Yo/1NJytmEam4HhjF+rpPZBO2R/1/Woggh5id8FAGFmg2prcyM8Q
4/o9PZHFI61UrXAFIHyvEJGdrU5hCrGHaoOZMoY+TwCdmw+bvvYjGu1uSzK6An0L
PDzJkLVSwogr16dECgESt3BEA819it9r9M87c+oRp020aniWZnne39xuXnCA6oN1
3+183bnFKYpgdYrlDLNICOi2MdWsEAjxPFMI/zkHlQtqus4vkuWtSPkiC6+AlGeZ
9z8YEbpjFhfZjlhqnXd9jLNQLAxFGAGOcz3vndjNsIwLQmaN67+EIbtt30lxJ0Bq
JmtrsojSOx6VsH9JigAOxznLzF//R4reNopiVZqwvIAHpbE3CXjSmmp5601QPVK7
nsoocohg8L6C9yNvdQSU
=jkG4
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ