[c-nsp] Cisco Security Advisory: Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Wed Mar 2 11:51:09 EST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability
Advisory ID: cisco-sa-20160302-n5ksnmp
Revision 1.0
For Public Release 2016 March 02 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Simple Network Management Protocol (SNMP) input
packet processor of Cisco Nexus 5500 Platform Switches, Cisco Nexus 5600
Platform Switches, and Cisco Nexus 6000 Series Switches running Cisco
NX-OS Software could allow an unauthenticated, remote attacker to cause
the SNMP application on an affected device to restart unexpectedly.
The vulnerability is due to improper validation of SNMP Protocol Data
Units (PDUs) in SNMP packets. An attacker could exploit this
vulnerability by sending a crafted SNMP packet to an affected device,
which could cause the SNMP application on the device to restart. A
successful exploit could allow the attacker to cause the SNMP
application to restart multiple times, leading to a system-level restart
and a denial of service (DoS) condition.
Cisco released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
iQIVAwUBVs+jWq89gD3EAJB5AQJDDxAAxdSHqJnWU8J8e4u7aN4xYyuAg3hvZp4J
qrIpHMxuQW9kS9PBnzlvj2Z5zLhzxgzx5tJaiRmV9eMey/j4J1KIzPIi4eMa2w6o
oFhN9Tla+ZuiqvTVuCF0swYEBRV6YHUXUoTEHuy9MMfmqJSu9L5bY/ESf0yLDDgT
zyDp7BQ++v6FMjSf9VKDhuj1X3+dwHWqKZGaanTS+v7t1kfGz778vNGFhGB08L3c
Ty3nL601bIfg2BDkFfPcd+BI3nG4RT85JmjA7fx+/xXuUw8GMfcUnwuw8Ym5R3l2
+9pW9Lx/PIh8lIRPTVS1Q6+TpBglBTfJV7IXZ+0nciCpa0VnQEhddwtk1fQ/cNHZ
0qYxIwbPHtPhT09V5JL82bn8xowhLGpdn+Kv/ZW1JOq5CYq5OYUOb6hu4DxpXggU
wIVhpeQKxyaivYfjGMz5u8TD/LEVrq6vWSkt15SLXhZzSNyioRm5VrmPIRMwG7Xr
fY4kcLNWku1m9zstiN1rwkBwFcJhvUn2Ny9Ug7UF/frE3CbSBiCJyCW8ucnKe5t6
lUsyJXT9kUYXT5oLTv62JTASuaRByer5svS+m7iDr2WXqumTgOQVYz648XHJ8k3n
wMBpEFicSoEo+B7g12vQOHKB7FOsFpkyxvvOJ89X3ri8oDuzhPfUNhH3nq2EXlAt
Vuy5i209RlQ=
=zzHr
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list