|
|
 |
| New User, Welcome! Login |
Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
| From: |
vuln nipc org cn |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Cisco IOS SNMP Message Processing Denial Of Service Vulnerability |
| Date: |
Wed - May 04, 2011 02:41 AM |
Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
------------------------------------------------------------------
I. Summary
Cisco Internetwork Operating System (IOS) 15.0 attempts to process SNMP solicited operations on improper ports (UDP 161,162), which allows remote attackers to cause a denial of service when SNMP is disabled.
------------------------------------------------------------------
II. Description
It has been reported that the Cisco Internet Operating System (IOS) is affected by a remote SNMP message processing denial of service vulnerability. This issue may be leveraged to cause a denial of service condition in the affected device. The denial of service is due to the process consumed all available CPU resources in the affected device.The device may have to be reset manually if the attack is successful.
------------------------------------------------------------------
III. Impact
Denial of service (process consume all available CPU resources)
------------------------------------------------------------------
IV. Affected
Cisco router 2921/K9 IOS 15.0<1r>M6, tested with kubuntu 10.10. Previous versions may also be affected due to code reuse.
------------------------------------------------------------------
V. Solution
Currently there are not any vendor-supplied patches for this issue.
------------------------------------------------------------------
VI. Credit
The penetration test team Of NCNIPC (China) is credited for this vulnerability.
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
