[prev in list] [next in list] [prev in thread] [next in thread]
List: cisco-nsp
Subject: [c-nsp] Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Ser
From: Cisco Systems Product Security Incident Response Team <psirt () cisco ! com>
Date: 2016-09-28 16:22:59
Message-ID: 201609281222.8.cip () psirt ! cisco ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial \
of Service Vulnerability
Advisory ID: cisco-sa-20160928-cip
Revison: 1.0
For Public Release: 2016 September 28 16:00 GMT
+------------------------------------------------------------------------------
Summary
=======
A vulnerability in the Common Industrial Protocol (CIP) feature of Cisco IOS Software \
could allow an unauthenticated, remote attacker to create a denial of service (DoS) \
condition.
The vulnerability is due to a failure to properly process an unusual, but valid, set \
of requests to an affected device. An attacker could exploit this vulnerability by \
submitting a CIP message request designed to trigger the vulnerability to an affected \
device. An exploit could cause the switch to stop processing traffic, requiring a \
restart of the device to regain functionality.
Cisco has released software updates that address this vulnerability. There are no \
workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip
This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE \
Software Security Advisory Bundled Publication, which includes 10 Cisco Security \
Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security \
Impact Rating of High. For a complete list of the advisories and links to them, see \
Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software \
Security Advisory Bundled Publication.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55BcP/3jsgDFYqZpxEZUO2ZJaXn/I
cgITUamc+GyA2e7GSr6PEFqH8IY2GjIqw9+yeJY3GLbI5yD7tr7W0ssZHR/8zKlA
Vd2Cii5IPb0MScMMD9pr4jVzEDH8t3HbBIltM3/3v9Xhrf6u+NgxHXb1V9sJpXOQ
Q+2FUNsnPHq0xP1/ukdL+NkO/Znil5HasxNlCDSQHzCEg3+Gv6lUIXsCd3fdYeS9
UfWwXTEM3/2cPMC2sNst4k59T6p9t5wC010OqmWkkyqy0+poyWGmqv8upX7iwq+C
Z+RprABHZh5lJIrk31bAJRTdRpe1iAwRQw/FBU3AkxTMZpE1JiDOPqEKXpvIm4MF
UKCBXKibP1TAZnpa/Od59xpeOZ7lm7Iyr5J394s+ke1J3g8avbU7t9tglIYuBkCx
rRbcik5osYpRq0Fy7YzAFNb7SG4RlrLjunU/A/ieDMVTyQ+areRl0vdd5F7Z0bDF
+fowEopXbgFTWl1FdKFXa0wtwnY+YDYKYzqUfLYeeyLjxNWrj52HVNA+L5ICd/N3
gyBgbDHnLvBn7WlTJdlW4DATG/hUyme0vZRWnIH8QDR5T+U6gWWCTme9ljnsL+qO
DFZrDRpgCbC3qbAD8mDHjvDStoq2gMlx4vdfkdeOC3l2dGtfRt30XdKXQ1mYumH6
6ajuf0yVKs/g0HJJ97Rd
=Jpzz
-----END PGP SIGNATURE-----
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic