hello, On mer., mars 26, 2014 at 05:18:08 +0100, Stephane Bortzmeyer wrote: > Six vulnérabilités qui permettent une DoS, d'un coup. C'est ça qui a > planté la salle 103 du DC2 récemment ?
à priori non, meme si y a des ressemblances sur les symptomes (mais bon les symptomes sont assez génériques dans le cas de "oups ca rentre plus dans les tcams") vu la liste des versions impactées/non-impactées, ca ne colle pas avec nos tests en lab de notre bug Cisco avance ... douuuuucement ... sur la reproduction du problème chez eux (*soupir*) Mik > > --------------------------- > Liste de diffusion du FRnOG > http://www.frnog.org/ > Date: Wed, 26 Mar 2014 12:10:35 -0400 > From: Cisco Systems Product Security Incident Response Team > <[email protected]> > To: [email protected] > Subject: Cisco Security Advisory: Cisco IOS Software Crafted IPv6 > Packet Denial of Service Vulnerability > Reply-To: [email protected] > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability > > Advisory ID: cisco-sa-20140326-ipv6 > > Revision 1.0 > > For Public Release 2014 March 26 16:00 UTC (GMT) > > Summary > ======= > > A vulnerability in the implementation of the IP version 6 (IPv6) protocol > stack in Cisco IOS Software and Cisco IOS XE Software could allow an > unauthenticated, remote attacker to cause I/O memory depletion on an affected > device that has IPv6 enabled. The vulnerability is triggered when an affected > device processes a malformed IPv6 packet. > > Cisco has released free software updates that address this vulnerability. > There are no workarounds to mitigate this vulnerability. > > This advisory is available at the following link: > http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ipv6 > > Note: The March 26, 2014, Cisco IOS Software Security Advisory bundled > publication includes six Cisco Security Advisories. All advisories address > vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security > Advisory lists the Cisco IOS Software releases that correct the vulnerability > or vulnerabilities detailed in the advisory as well as the Cisco IOS Software > releases that correct all Cisco IOS Software vulnerabilities in the March > 2014 bundled publication. > > Individual publication links are in Cisco Event Response: Semiannual Cisco > IOS Software Security Advisory Bundled Publication at the following link: > > http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar14.html > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.22 (Darwin) > Comment: GPGTools - http://gpgtools.org > > iQIcBAEBAgAGBQJTMeUtAAoJEIpI1I6i1Mx35GAP/jkk82q87zMnC9n9e2t9u1DD > 7OHUYo7fuXu2L85+zDGgtE7LJ5c9mjZou12A87cjgx4v1B6xvDoemjtoIEmqWKQR > LsSoI6oQL6E3PAqeDn70Lrr++kAV/4dCSzoFuiDWa5NLWO2NA1pxoRsF8f/KTENj > PvPng8UPlF2WBDqNdTnjR2upDMqn1/jQOMxSSRmkMAOQ0Q3j+g9Pd+rb8ocqTJmg > wCj5vXfB52E0HoGddT0UxjkxL1+CR9Jo262LeuRRtMGQsEpK94+L9d4kC/AhhclU > RodAJztNC42KdFR4iE1jDHUA8HwhgnkdzuXlA12GIXeHB9EBQR5Te1hyzuAnxq5X > x3IeqZnaufO2DmxAVpl3lfEDyKeyAipfCPDtFhEmDF/l12zBRlbMudEwA1Buwriq > ayH4798ASI0bBumUiaMiiOyYKbqFL33ONdFMiQZv2lYam1QlYU0Ps3IMiZhD5YHX > 9nOKcuWU1Uym+VjHiIKLg5/qQpndg9h+E6mNzZrQSXrpU1nYtwBCZiShBhR5+f4J > WYLOVZu5LDpW6mQAhYyKC7ehugeqJZRaZQQX5oi94hlBxz1+4zin8GRVLn/Ibrtq > GaeMGODALQjpolszEAt7a4QA5884m++h7Z4Crszr4s4E4j4bUdCEgDc9ynInmO80 > OvU1rCkvg7QWSv3HfxI2 > =nr53 > -----END PGP SIGNATURE----- > _______________________________________________ > sanog mailing list > [email protected] > https://lists.sanog.org/mailman/listinfo/sanog -- Mickael Marchand, Responsable Réseau et Sécurité - Online / Iliad Entreprises Tel: +33 (0)1 73 50 29 37, Fax: +33 (0)1 73 50 29 01 --------------------------- Liste de diffusion du FRnOG http://www.frnog.org/
