[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cisco-nsp
Subject:    [c-nsp] Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Ser
From:       Cisco Systems Product Security Incident Response Team <psirt () cisco ! com>
Date:       2016-09-28 16:22:59
Message-ID: 201609281222.8.cip () psirt ! cisco ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial \
of Service Vulnerability

Advisory ID:  cisco-sa-20160928-cip

Revison: 1.0

For Public Release: 2016 September 28 16:00  GMT

+------------------------------------------------------------------------------

Summary
=======

A vulnerability in the Common Industrial Protocol (CIP) feature of Cisco IOS Software \
could allow an unauthenticated, remote attacker to create a denial of service (DoS) \
condition.

The vulnerability is due to a failure to properly process an unusual, but valid, set \
of requests to an affected device. An attacker could exploit this vulnerability by \
submitting a CIP message request designed to trigger the vulnerability to an affected \
device. An exploit could cause the switch to stop processing traffic, requiring a \
restart of the device to regain functionality.

Cisco has released software updates that address this vulnerability. There are no \
workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip


This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE \
Software Security Advisory Bundled Publication, which includes 10 Cisco Security \
Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security \
Impact Rating of High. For a complete list of the advisories and links to them, see \
Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software \
Security Advisory Bundled Publication.

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55BcP/3jsgDFYqZpxEZUO2ZJaXn/I
cgITUamc+GyA2e7GSr6PEFqH8IY2GjIqw9+yeJY3GLbI5yD7tr7W0ssZHR/8zKlA
Vd2Cii5IPb0MScMMD9pr4jVzEDH8t3HbBIltM3/3v9Xhrf6u+NgxHXb1V9sJpXOQ
Q+2FUNsnPHq0xP1/ukdL+NkO/Znil5HasxNlCDSQHzCEg3+Gv6lUIXsCd3fdYeS9
UfWwXTEM3/2cPMC2sNst4k59T6p9t5wC010OqmWkkyqy0+poyWGmqv8upX7iwq+C
Z+RprABHZh5lJIrk31bAJRTdRpe1iAwRQw/FBU3AkxTMZpE1JiDOPqEKXpvIm4MF
UKCBXKibP1TAZnpa/Od59xpeOZ7lm7Iyr5J394s+ke1J3g8avbU7t9tglIYuBkCx
rRbcik5osYpRq0Fy7YzAFNb7SG4RlrLjunU/A/ieDMVTyQ+areRl0vdd5F7Z0bDF
+fowEopXbgFTWl1FdKFXa0wtwnY+YDYKYzqUfLYeeyLjxNWrj52HVNA+L5ICd/N3
gyBgbDHnLvBn7WlTJdlW4DATG/hUyme0vZRWnIH8QDR5T+U6gWWCTme9ljnsL+qO
DFZrDRpgCbC3qbAD8mDHjvDStoq2gMlx4vdfkdeOC3l2dGtfRt30XdKXQ1mYumH6
6ajuf0yVKs/g0HJJ97Rd
=Jpzz
-----END PGP SIGNATURE-----
_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic