Advisory ID: cisco-sa-20160302-n5ksnmp
Revision 1.0
For Public Release 2016 March 02 16:00 UTC (GMT)
+-----------------------------
Summary
=======
A vulnerability in the Simple Network Management Protocol (SNMP) input
packet processor of Cisco Nexus 5500 Platform Switches, Cisco Nexus 5600
Platform Switches, and Cisco Nexus 6000 Series Switches running Cisco
NX-OS Software could allow an unauthenticated, remote attacker to cause
the SNMP application on an affected device to restart unexpectedly.
The vulnerability is due to improper validation of SNMP Protocol Data
Units (PDUs) in SNMP packets. An attacker could exploit this
vulnerability by sending a crafted SNMP packet to an affected device,
which could cause the SNMP application on the device to restart. A
successful exploit could allow the attacker to cause the SNMP
application to restart multiple times, leading to a system-level restart
and a denial of service (DoS) condition.
Cisco released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/
Komentarų nėra:
Rašyti komentarą