[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
From: Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx>
Date: Wed, 5 Oct 2016 12:06:46 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of 
Service Vulnerability

Advisory ID:  cisco-sa-20161005-dhcp1

Revision: 1.0

For Public Release: 2016 October 5 16:00  GMT

+------------------------------------------------------------------------------

Summary
=======
A vulnerability in the implementation of the DHCPv4 relay agent and smart relay 
agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker 
to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper validation of crafted DHCPv4 offer 
packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 
offer packets to an affected device. An exploit could allow the attacker to 
cause the DHCP process or device to crash.

This vulnerability can be exploited using IPv4 packets only. The vulnerability 
can be triggered by crafted DHCP packets processed by a DHCP relay agent or 
smart relay agent listening on the device using the IPv4 broadcast address or 
the IPv4 unicast address of any interface configured on a device.

Cisco has released software updates that address this vulnerability. There are 
no workarounds that address this vulnerability. 

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5aJAP/iqU3jgnj8/ZfH9bDtTZzo/J
lgymui54AgbK11rUmqDyzsPctHTzb/RONGNvozEMT29MgTw/5YKXGdEEdJpEcTRB
n0btkc/5HJM0kS0wICLCQgwNdlmj+ERYuNIV8q9VwyPOSKoNQy/kKt4QRyzc2lbI
E8nnrEyZZHYtt/eP7Ltgpy2YnXsP+ejzc8jPTYQXJiPById/mOINSjo+iw5Pr6O1
0L2De/WsiDHsWyBnOlljktupLWwxwVSNIYGO6nibMc7R878oB7MQs5/OymQq1CGH
b2ed5nROf5QtFdo+pgRCjXw/87j40BNr1IKcCd7U9fzvzIGxF5JxDQ8lyzEJ5N/5
DOOlfa0CtQ4qwaP6lwOsO1mNrUjcNCDugmICucNo01VGyAReMLy+4vQBmD9AkByU
cq51vQXe5C3PyU4quaDK15Ix1DM5Q3FJKRyaJ+6ScA0I27L9BSel7XamI9+IrD3N
S9VKpjcZvXSauwfyQlnKilBNiQxbzQpt6a8UcX/EOx/sEu+G+fa64gPRcdi6nTKQ
RTj+iqttSRJujQqYWVB1/5xK/VhNu3T8J7KssmS/gFXxmpCGebZLNT9ooiQQk2UY
a6gaFcsNladvhr4Y8nltV+jLpCal9vD8og7B6dd0EU8XMvUxTTftP/xJANNghCa4
ks2Moj0fJ6Nfk7DYr8GW
=uwR9
-----END PGP SIGNATURE-----

Prev by Date: Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
Next by Date: Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
Previous by thread: Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
Next by thread: Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
Index(es):
- Date
- Thread