[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability
From: Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx>
Date: Thu, 4 Aug 2016 12:23:56 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol 
Packets Denial of Service Vulnerability

Advisory ID: cisco-sa-20160804-wedge

Revision 1.0

For Public Release 2016 August 4 16:00  GMT

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the processing of Network Time Protocol (NTP) packets by 
Cisco IOS could allow an unauthenticated, remote attacker to cause an interface 
wedge and an eventual denial of service (DoS) condition on the affected device.

The vulnerability is due to insufficient checks on clearing the invalid NTP 
packets from the interface queue. An attacker could exploit this vulnerability 
by sending a number of crafted NTP packets to be processed by an affected 
device. An exploit could allow the attacker to cause an interface wedge and an 
eventual denial of service (DoS) condition on the affected device.

Cisco released software updates that address this vulnerability. There are no 
workarounds that address this vulnerability; however, there is a mitigation for 
this vulnerability.

This advisory is available at the following link: 
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXoyuaAAoJEK89gD3EAJB5jS0QALlocwEtAhJ6ELVX3IT6HAC5
FKlc3zknV5KswMHqsbDjQsD2GAfEntDoO8Riu78lWSexO99Pu/VfRafKUJKcHEUo
wBYQQ33X4sLEgGXMIXUbAxMFCpAxdlIuEzevo8HUj+LiMZWZNN1UJOpsFzBZGx3Q
b6XNpGnMup88326DIcTJwUo3DGs7jAPvidlBjS5VPHqE43hvMy7FCqBTMQXdE7E3
6xVR9A8E4BdVPy/WyBjKI5TVOvaB2qoPYaaLmdzvsGaM5LnVw1qPFLwe1xY7dI9m
+P+iN5ruvY9GM1WzJL8Yt7ngKmIbr7VC7vQc0kRPe9Mk+ZsuibR4Se12RADvdYfB
CTYeDNES93fV1KxdGNFy2+XJSIcK3VYusto4sTRcKLmUfkHd/ahXNjuoGoqkvFYD
+wq+1GylK2EUvOThjPEGuBgEG8HaNnp0UaYHqKCcUEzayCthygv0oN2Xiy4cEoJb
002reFlEN8s2puJknuEpcywoWNMOGFWSf2jN2kL4mHo6WIldQJqTOy7DHNLLt9UA
aZNXUzhFavF6KXrAMQ3DiTx0nwV9CVaJq9yvyC1iXDA/ySvkHERoODpP7epmhMqW
FZTfAxeusPbktEMeAXThVj/SrkwCmzlrvs+pzk8kAa1ycz/7nJkHENiDCLlUk+zR
fapmFudsB1x/rUftQUNf
=4KvY
-----END PGP SIGNATURE-----

Prev by Date: [SECURITY] [DSA 3641-1] openjdk-7 security update
Next by Date: Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance
Previous by thread: [SECURITY] [DSA 3641-1] openjdk-7 security update
Next by thread: Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance
Index(es):
- Date
- Thread