Send sanog mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sanog.org/mailman/listinfo/sanog
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of sanog digest..."
Today's Topics:
1. Cisco Security Advisory: Cisco IOS Software RSVP
Vulnerability (Cisco Systems Product Security Incident Response Team)
2. Cisco Security Advisory: Cisco IOS Software Metadata
Vulnerabilities
(Cisco Systems Product Security Incident Response Team)
3. Cisco Security Advisory: Multiple Vulnerabilities in Cisco
IOS Software Multicast Domain Name System
(Cisco Systems Product Security Incident Response Team)
4. Cisco Security Advisory: Cisco IOS Software DHCP Version 6
Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
5. Cisco Security Advisory: Cisco IOS Software Session
Initiation Protocol Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
6. Cisco Security Advisory: Cisco IOS Software Network Address
Translation Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
----------------------------------------------------------------------
Message: 1
Date: Wed, 24 Sep 2014 12:23:14 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software RSVP
Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software RSVP Vulnerability
Advisory ID: cisco-sa-20140924-rsvp
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the implementation of the Resource Reservation Protocol
(RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an
unauthenticated, remote attacker cause the device to reload. This vulnerability
could be exploited repeatedly to cause an extended denial of service (DoS)
condition.
Cisco has released free software updates that address this vulnerability.
A workaround that mitigates this vulnerability is available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3qoIP/RnDEwuhG4SEtyEAycEOpJoX
cDsmK8C0xRKYkoUeSlmkO1TXzRk42RMnd6aoYAxojgqsYnVt10ZKibSLzCxZxWnX
MMKhMPSrUSvWvPNgLDYyOJ4R4B6IOwYwS6wNCABtiwes/rET+p+d0gw4rZ4SLujF
hSrWcxE8Fax5zU7Z++ZifOhcg/C7gGvIbsuStf01S6/oZHPx8PXnVj9J4eI0Yxz9
JRhkJQv8FlfJYzZnxbi545YH1fUt+e5FzTTlPOaYayYqi0E/NvrPW64s8QKLURE7
M01EzxIsyItwxIYAXy5pcUHnyAd/bZ21CmEiHvOq4GZVXoZpkkF0pCceos+mC987
4mPYVe+PwNrPJwb0qdG6MKDiXmO+txVFLazNF2JJaGeFYjeN+If57mJSttznVLiE
ZPCkdLmr/Y2uDbtwoDdFI6TbrIsFceawIEKLn5lIPQrtt+JiwkWkxKSLMsB6wm0l
nmogpIL43jgnozrYRTMizA+hu/mHgg88mOWD/AAFA5O6K+YQIEYYtYjy4Bundrq7
2Rr6uJNUN9fD3amT3ZqP6DE7ETlAkC29sFy0IuXkudpXc+YrcVAkhwrlMekoeepL
t6cWl+o8dTaexJe7h4neuADwCPrT15wNBiasHP0Uw/BAUnbPM2aOjL8WZDb1BHvT
5AkSuOMpsSZakqt0vik+
=kL1E
-----END PGP SIGNATURE-----
------------------------------
Message: 2
Date: Wed, 24 Sep 2014 12:23:47 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software Metadata
Vulnerabilities
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Metadata Vulnerabilities
Advisory ID: cisco-sa-20140924-metadata
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
Two vulnerabilities in the metadata flow feature of Cisco IOS Software could
allow an unauthenticated, remote attacker to reload a vulnerable device.
The vulnerabilities are due to improper handling of transit RSVP packets that
need to be processed by the metadata infrastructure. An attacker could exploit
these vulnerabilities by sending malformed RSVP packets to an affected device.
A successful exploit could allow the attacker to cause an extended denial of
service (DoS) condition.
Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3SpwP/jfNLKisT8kvgV2iMhFr0Z2w
1oOqnYmG1WWNh/yXh+uKIPeHUDSYjsW1ntAP/vnuw1Op2UDPMl1fTWe4AWo8huOf
R2cq3dCBZRfKmlhfJAGuqaramkAITwLPNsODwIHZUwXYQPrHnlZB7c/Ry8dkE+d5
ATGeGFS9nDnboAKyRFyusLarQ95X+Yukpq/BmGLXd+neuC+tz4x1PCBvQJdeqaMx
Fg2r94dg0mhzwYJ/HBLVUk4OJRYhJxUeJw7zqrB9GGZnYry+ll8qY9pSbMVpI1Yy
523Okpes5zJ1KNR+uceABj1SSpe0n+LAfqj8ekkzrZz7CQGONYEd39PSor73zKBE
1SmyUVj75hoH3rx45SQLgArvfUXkJZLeSgnstWU7DCIlD5OjxMbazq8nlU9cmD5q
gXKtPLZI8/xREwUjmmowv3ykSscxW7x0EBL/NCG+JcXmTGS26gf8SGsVfkDYIkuo
iLxrgkiuvXtq+SGLdmRnfC7Ts2m/5E1AJHW7V64yZ+tNLW4XM5cMjMtDZXTQdQHN
sQvPe8E4sFFpcSn2vi0Y5weBItr3p+QGDF5HxojPr1NLZz8bHUBWJ6kjYvDynM3C
yGXTgEI7g8vmzcfeBTZCa3Us/qDb+0DZFzt15TpUbZmcuVjcoSo3myp1+XzP7ky2
xC9OlRnpvnRWrSnAXcLe
=E9az
-----END PGP SIGNATURE-----
------------------------------
Message: 3
Date: Wed, 24 Sep 2014 12:24:19 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Multiple Vulnerabilities in
Cisco IOS Software Multicast Domain Name System
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System
Advisory ID: cisco-sa-20140924-mdns
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
The Cisco IOS Software implementation of the multicast Domain Name System
(mDNS) feature contains the following vulnerabilities when processing mDNS
packets that could allow an unauthenticated, remote attacker to cause a denial
of service (DoS) condition:
Cisco IOS Software mDNS Gateway Memory Leak Vulnerability
Cisco IOS Software mDNS Gateway Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNeAAoJEIpI1I6i1Mx3euMP/0ptD3acwXkieo5NTQEYXU2L
cMlnxkTZnXzzjkGAcy0eJKhHAh9JI0FU5DcEVmMbTd7qXnm2sixFYR27dxMCJBaG
Quj5RgGGz2KUFNGO87+JX8zw8yBKyknN8eO7njBb6c99UHAv/GVZAjnwcDEbRM3L
G7/C7S7ZVkk8w63U46CsVV5eaGj2RQnbZx3jYNhPKjZnCc/MQSM87nnTuR8RjkCm
wlrReK6BjxtJ13R3o2NmWzSJWSsc8N81pvIooJdaBCqlGZ4e/j06Z5+S5CF3DGiJ
xJvEdKGdvLRo14hUtQLJ8Vx8bJMkHBdr7Bernmca/8AIeXEMdc61ZGs8bS72Magh
JbiJIT7B3jQXdjzQpQ/mHKNoghkI302g3H6egrtsCBWr+lepEIfmHLf4h0LueqWh
pVQPqXWAGg+5AR1ABvP+mwtQuz/psboXpacMM8keZ2a/6uS82tf3lTXR/8zBd+Om
sGbhBYIkO67Cp/Zn2CNY1v9Pg8f4tNAkATazg2Mvt4QfOlRUFRYBdyV2LZLSDCJ4
9/Pw8s7pLMMFpt90pBzIBUY+FsiGkWoHduMO7/O93Zw4Y2n2vnRYFkyuFQFphBuO
M2Yb20vqO9tsELTt0MDmdfXf40HhhAUF6zbw6fWa4SCV4CwZn6h8eAZttsqQQqxl
cdgZjAsAV5dsoejxk0LC
=7Kkh
-----END PGP SIGNATURE-----
------------------------------
Message: 4
Date: Wed, 24 Sep 2014 12:24:51 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software DHCP
Version 6 Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-dhcpv6
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco
IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition.
The vulnerability is due to improper parsing of malformed DHCPv6 packets. An
attacker could exploit this vulnerability by sending malformed DHCPv6 packets
to be processed by an affected device. An exploit could allow the attacker to
cause a memory leak and eventual reload of an affected device.
Cisco has released free software updates that address this vulnerability. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNeAAoJEIpI1I6i1Mx3FxAP/i8bB96s06HvbR5sSFBf6iqW
QMfKKOujTGf9w9UH/CUqVtvX2kDLoaZXxoARruZ3hIk2tWqfkFCIyGtCSEXwQxfg
+ueE/LpmXZWkvZ7eLk7GS7lclfVlbu4W5GR1+asp3qIOeKRUpY9SPWDlLuT7vmtb
s8WmVbDKQOEg3MJSt4tkUSDQsL6AOvhFue2VYjGUnzYX0SPOQxkeCGCbOcmCRGPH
3Yi0IPiUa/XOxOCfsSlXJQP5OWVOlCnQZGiOlyaiaYiyTjUlB7uKgZP/jGIuc/gf
4dt0FTK/VykqLXIXERNBL28IO/4ZZDtkZvosy92iUG/BlXzdxB4+9pZ3wgqeih9Q
2hVNgX+xQ+M6BoTyMZ11OvZxqvaIr4e4ijx/CRx+jkqsX3tgoWzcEWe6EDpAL/6s
G7+0cZ04L5zdbZg0NTqciuN04Wm7HEKTpCr3Da/BwomP7Wzx/zHkKAi0IUj/Qa9f
hD/RYmapejks3QXpVPaxYoSQANq7u7dBlSenNYxKaurRNDe9JO8y0LHrLWgF/PlW
CRRt3k7x5bo+nHSUQrZTIeJhPLcvZ9zxLhs1X3ksSdB44ro0pH9kGky6ewPzrd/7
8HimC+ibFB5bU+sjw1iLNZY3Wd9pVNpiezuCzoKgK4mJ8IjbtFm+mBRvDL4bf5xA
oKMD5Aa57OYRgeRzm5ZR
=N1Wn
-----END PGP SIGNATURE-----
------------------------------
Message: 5
Date: Wed, 24 Sep 2014 12:25:24 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software Session
Initiation Protocol Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-sip
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the Session Initiation Protocol (SIP) implementation in
Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated,
remote attacker to cause a reload of an affected device. To exploit this
vulnerability, affected devices must be configured to process SIP messages.
Cisco has released free software updates that address this vulnerability.
There are no workarounds for devices that must run SIP; however, mitigations
are available to limit exposure to this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNgAAoJEIpI1I6i1Mx307EQAI1LtZYk5Eiw9CR6ZQSCPjjI
vxWM5f+29TObzPyYSlWuoexDnryZ5s3FZNje6HKz0ie9hoHEXJq1YTU7Ya/JeuWV
6yNgBgbIC94PcpmK+aHuboSk/oe9aEvAsIM5lIQJwTxIa1CTq5zP1iKwe420iOQd
YOHy8rjxRXda+G3OS/91m98mLQ72vIwQ2tCqrAsn484RoPMHndnMvchLLwxdEsHL
fHW0tdTDXZ0KAup92koXBiIBbasfdOo/EgunmI1xw1bbDqs3fX2G6Dl5SiOUHSM0
0sn83/7WnexbXXG+Zv9vAxgYbevesQWqOpZl0Aw+nl+ov2RvmcuaEKXIm/1yPROV
vJXaL+q38c+A34Hio308V8xgnPn1CCW91TrOzT+iv+tIrH6O+jT/ehjz8ioNHrKn
lxenUBdRiSvLNF/LOpZFlvRs9Gdbat7iwOLbi7ri5s3Mjs4gRQcPg/ElboFvMz1D
bZuSk2y7tq46MxvZosHY1JWu+5VgsO2tJAvl+isgn/Vc6Rk6ZAFpvLK+HjPN7AF3
+rPXMm/lqC9IhgviyNpDEVo0clm9a8vNwgki30s4XCS6Mat4irSX+Af0X6fZ1VII
K0M+fNHgR72lLv1NR9TsRWz40njwx+ks9a9fdmkfNRuXXjx8OBfC0kwVKBU0H3EJ
hzkjmy3Hee100G2V/9X+
=X1lR
-----END PGP SIGNATURE-----
------------------------------
Message: 6
Date: Wed, 24 Sep 2014 12:25:57 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software Network
Address Translation Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Network Address Translation Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-nat
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the Network Address Translation (NAT) feature of Cisco IOS
Software could allow an unauthenticated, remote attacker to cause a denial of
service (DoS) condition on an affected device. The vulnerability is due to
improper translation of IP version 4 (IPv4) packets.
Cisco has released free software updates that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled
publication includes six Cisco Security Advisories. All advisories address
vulnerabilities in Cisco IOS Software. Individual publication links are in
Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled
Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3GjkQAKWPwFAUj1OaQ+/vwiKdlcwC
sZZk53GXtQE3IVMyOYP2LyeDJk1E/Krv8BK8gguBxSjjhRi4WLKc2lr7NrbOmQUh
qq9UCG1HXQi1pOUuKxTJVtlX6jktiZrdvguWcRDCZc6jbPs0cZNmfrsD5fsp8w/2
65dIFPRPYWebLBvKPCJYEvd87ugbb+jLl28qdlCFAaUMgLBnvgeNemIPu9LxgatI
I1rEGXSs6YEkAzGG4uwRvOA+K/3GChuGt1v3b4YS6QVOJCHQlNvvztZMJKcPOEj5
EgtHlsQJC/tCLLT43l6+IAbmDTyaXiZITHhxFa3NXI3q6v8yuf7USFnAI7HyNdW7
ZqYpRybdyIMMSaDCMTEjYKQ5wSq95Ci9K2J52GuADKo2VJiAntoRF496VL1WftT8
80jKzNoaDX4310xvSEN2DEAU5ekLH3792o/6zIB+HgDWKZOEayO9ugWjMrBrI226
Djn/sD3oEWKUkp5EZS2HJAzYTitE5zBOfAh5qfQs7siTQQIcP3b2NgdFR5ZTiile
Eo2w82I2QC96zUz51a4ESLrK88fOAl30mh/Zk8qhxCUs/29z6h2m7AAsc/9QZNHd
Q4lwkodU7yllOIPV16ob47B61XueH4V3Jw7Rt3CJZUwbDTYALlPDK3bwjR60WxP7
KP2y8xOM0z4g0HMz/8bc
=luk3
-----END PGP SIGNATURE-----
------------------------------
_______________________________________________
sanog mailing list
[email protected]
https://lists.sanog.org/mailman/listinfo/sanog
End of sanog Digest, Vol 32, Issue 8
************************************
