1. Reverse Engineering >
  2. Exploits >
  3. Cisco IOS XE/IOS XR IPv6 Packet Handler Denial of Service [CVE-2016-1409]


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Cisco IOS XE/IOS XR IPv6 Packet Handler Denial of Service [CVE-2016-1409]

RSS Kategorie Pfeil Exploits vom | Quelle: vuldb.com Direktlink öffnen

In Cisco IOS XE sowie IOS XR wurde eine problematische Schwachstelle entdeckt. Es geht um eine unbekannte Funktion der Komponente IPv6 Packet Handler. Durch Beeinflussen mit einer unbekannten Eingabe kann eine Denial of Service-Schwachstelle ausgenutzt werden. Dies hat Einfluss auf die Verfügbarkeit.

Die Schwachstelle wurde am 25.05.2016 als cisco-sa-20160525-ipv6 / CSCuz66542 / CSCuz79330 in Form eines bestätigten Advisories (Website) öffentlich gemacht. Bereitgestellt wird das Advisory unter tools.cisco.com. Die Verwundbarkeit wird als CVE-2016-1409 geführt. Der Angriff kann über das Netzwerk angegangen werden. Technische Details oder ein Exploit zur Schwachstelle sind nicht verfügbar. Das Advisory weist darauf hin:

A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.

Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines alternativen Produkts bietet sich im Zweifelsfall an.

Mitunter wird der Fehler auch in der Verwundbarkeitsdatenbank von SecurityTracker (ID 1035965) dokumentiert.

Betroffen

  • Cisco 12000 Series Routers
  • Cisco ASR 9000 Series Aggregation Services Routers
  • Cisco Carrier Routing System
  • Cisco Network Convergence System 4000 Series
  • Cisco Network Convergence System 6000 Series Routers
  • Cisco 4300 Series Integrated Services Routers
  • Cisco 4400 Series Integrated Services Routers
  • Cisco ASR 1000 Series Aggregation Services Routers

CVSS

Base Score: 3.5 (CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P) [?]
Temp Score: 3.5 (CVSS2#E:ND/RL:U/RC:C) [?]

CPE

Exploiting

Klasse: Denial of Service
Lokal: Nein
Remote: Ja

Verfügbarkeit: Nein

Aktuelle Preisschätzung: $5k-$10k (0-day) / $5k-$10k (Heute)

Gegenmassnahmen

Empfehlung: keine Massnahme bekannt
Status: Nicht verfügbar
0-Day Time: 0 Tage seit gefunden

Timeline

25.05.2016 Advisory veröffentlicht
25.05.2016 SecurityTracker Eintrag erstellt
26.05.2016 VulDB Eintrag erstellt
26.05.2016 VulDB Eintrag aktualisiert

Quellen

Advisory: cisco-sa-20160525-ipv6 / CSCuz66542 / CSCuz79330
Status: Bestätigt

CVE: CVE-2016-1409 (mitre.org) (nvd.nist.org) (cvedetails.com)

SecurityTracker: 1035965 - Cisco IOS XE/XR IPv6 Packet Processing Flaw Lets Remote Users Deny Service

Eintrag

Erstellt: 26.05.2016
Eintrag: 74.7% komplett
...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu Cisco IOS XE/IOS XR IPv6 Packet Handler Denial of Service [CVE-2016-1409]






Ähnliche Beiträge

  • 1. MMD-0052-2016 - SkidDDOS ELF infection Jan-Feb 2016 vom 1383.23 Punkte ic_school_black_18dp
    Background These are the statistic comprehensional data for the infection of the ELF malware DDOS-er which its source codes we snagged and reported in previous MalwareMustDie blog post [link: MMD-0044-2015]. Some codes just slight obfuscated or silly crypted but is crack-able and you can figure it easily using the codes
  • 2. USN-3415-1: tcpdump vulnerabilities vom 845.9 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3415-1 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed
  • 3. USN-3415-2: tcpdump vulnerabilities vom 845.9 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3415-2 13th September, 2017 tcpdump vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in tcpdump Software description tcpdump
  • 4. USN-3131-1: ImageMagick vulnerabilities vom 632.34 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3131-1 21st November, 2016 imagemagick vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu
  • 5. USN-3125-1: QEMU vulnerabilities vom 628.06 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3125-1 9th November, 2016 qemu, qemu-kvm vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu
  • 6. USN-2917-1: Firefox vulnerabilities vom 623.56 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-1 9th March, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or r
  • 7. USN-3261-1: QEMU vulnerabilities vom 608.55 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3261-1 20th April, 2017 qemu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in
  • 8. USN-3361-1: Linux kernel (HWE) vulnerabilities vom 562.18 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3361-1 21st July, 2017 linux-hwe vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software descriptio
  • 9. USN-4118-1: Linux kernel (AWS) vulnerabilities vom 543.8 Punkte ic_school_black_18dp
    linux-aws vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux-aws - Linux kernel for Amazon Web Services
  • 10. USN-3045-1: PHP vulnerabilities vom 470.93 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3045-1 2nd August, 2016 php5, php7.0 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed
  • 11. USN-2934-1: Thunderbird vulnerabilities vom 419.21 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2934-1 27th April, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several secu
  • 12. USN-3044-1: Firefox vulnerabilities vom 413.15 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3044-1 5th August, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or