Send sanog mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sanog.org/mailman/listinfo/sanog
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of sanog digest..."
Today's Topics:
1. Cisco Security Advisory: Cisco IOS and IOS XE and Cisco
Unified Communications Manager Software Session Initiation
Protocol Memory Leak Vulnerability
(Cisco Systems Product Security Incident Response Team)
2. Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6
Relay Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
3. Cisco Security Advisory: Cisco IOS and IOS XE Software
Internet Key Exchange Version 2 Fragmentation Denial of Service
Vulnerability (Cisco Systems Product Security Incident Response Team)
4. Cisco Security Advisory: Cisco IOS and IOS XE Software Smart
Install Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
5. Cisco Security Advisory: Cisco IOS and NX-OS Software
Locator/ID Separation Protocol Packet Denial of Service
Vulnerability (Cisco Systems Product Security Incident Response Team)
6. Cisco Security Advisory: Cisco IOS Software Wide Area
Application Services Express Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
----------------------------------------------------------------------
Message: 1
Date: Wed, 23 Mar 2016 14:33:49 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE and
Cisco Unified Communications Manager Software Session Initiation
Protocol Memory Leak Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications
Manager Software Session Initiation Protocol Memory Leak Vulnerability
Advisory ID: cisco-sa-20160323-sip
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Session Initiation Protocol (SIP) gateway implementation
in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could
allow an unauthenticated, remote attacker to cause a memory leak and eventual
reload of an affected device.
The vulnerability is due to improper processing of malformed SIP messages. An
attacker could exploit this vulnerability by sending malformed SIP messages to
be processed by an affected device. An exploit could allow the attacker to
cause a memory leak and eventual reload of the affected device.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability other than disabling SIP on the
vulnerable device.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5EtUP/istyjPt7PTc/nXaKV89MRIl
8AWNXgip5FSt4hvMh+EPXHrZSBUeAUV/HTRhbPukRedLlmCLQ8a9arnMoUHgqQIW
yZcgiOZNNHuI4hyM+x094Z9WTCFWvBGbAftjAfFPqH+WBErUCmbhAMzvrK98vfkQ
17ArMN8Jn4TtsASoSN6BbYT3NA02KCsL6F6b13XYvnGA6QmvWLAVaIK7y7zbLfZD
5Dmk7YiDjqp9wnEPZ/HbRcAsAKVgpv8MSHXJ4ShRYG1pblM5aLzCoOlsVlyRTY2H
ClMfIX2LuUT6xqJpj1gjHNLsxfDZ+za1n4qNOKsBXV9qjl5Q64kUneQHckWCa0kN
+n+7IYMvbVZh+PWaqEP6E/mt3ok5++empwxyhJE4/4rhrvIEgnSk1nynunoli8bZ
rC29txodCYfFdilpS+fynwl6hWNymgBNAxt1YX3AUaIwIeYwKNvn8pxhfYFNBteJ
eL1CzkNbpUVsFqfeH3iFekZ4J4IH2mZ3mU9FuEkEmlrgktCcluU7xCzu+hr9rGMt
GDnlXKmlA8feqkMX42DnTLV9Ai6V31OOcoPOdPU8erKnqVABdsalesUWY65tiik9
waeHcGRCXNZ2PIFl/mN1fHEMvRqFBtLPD17Evy2Z/ag4Id1UuA4B/51JooSnn7QM
oT4W50tYItvUS2QBOxCX
=XbF5
-----END PGP SIGNATURE-----
------------------------------
Message: 2
Date: Wed, 23 Mar 2016 14:34:24 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software DHCPv6 Relay Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of
Service Vulnerability
Advisory ID: cisco-sa-20160323-dhcpv6
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and
IOS XE Software could allow an unauthenticated, remote attacker to cause an
affected device to reload.
The vulnerability is due to insufficient validation of DHCPv6 relay messages.
An attacker could exploit this vulnerability by sending a crafted DHCPv6 relay
message to an affected device. A successful exploit could allow the attacker to
cause the affected device to reload, resulting in a denial of service (DoS)
condition.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5YJgP/RY7X+TuMWSKKRtJq6W9c0J8
ovaSUjvYpIdKcp+8JtLlxjn1+PELJkDpFKVmzmzK5S1WDdaBzpjD0edH7b+7iK4J
t0Uoz9tr4yBhkoskCRTqGopie63xoqScPYMHaKTTO8lo+4znQt2ykylOZRkDrdGH
dL5yX6KJ68adEtj7QwyDAb7ZD9mEEEjySgtJAnz8u5KuLNJT3p6hRLMMJXkD2wPC
sL3sD6wi9Ew92hkLq+BQ50qL7kBqGJb4F+y0WmkSiDcrfi/8ZcVY1+cyElrQmqcK
cG/qi2FbdCJKcIYIWo9BoBDHsBMuQ+R9bgu79YR1Ux4PnKdElKgTQdFUFnhPzRV+
lsMUkV6NHheW3YrqhkUKHEcZPNxAFwWiaQKFcb+eERbV0X5a651xsRH738lSwMke
HY8ewzgNfKL1fPUsH0hGypWZzriOq3gTBZ96veVaXLzyWopyYMH3nw4XZxVeVD5U
07xLfY/3Sq/0Z/kwRXICF24qOGYhLuwLmKJtHyUMXF+YyGN82JwEupU2kY8XvXzv
X/fdqjjQL4bN8C6GN5RUsb7HYzYLtWohLklektXWdwMSDw3Zjri4Kh8YjJMiyd8M
feMxzIogHHLy8IL07xGnDPYFvGApq6G9hmtTikMANwmPtMix0Rd/YdCufeeMx4WJ
0sJ195oJ0H1n6Eyitkxt
=gwyh
-----END PGP SIGNATURE-----
------------------------------
Message: 3
Date: Wed, 23 Mar 2016 14:34:58 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software Internet Key Exchange Version 2 Fragmentation Denial of
Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange
Version 2 Fragmentation Denial of Service Vulnerability
Advisory ID: cisco-sa-20160323-ios-ikev2
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation
code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote
attacker to cause a reload of the affected system.
The vulnerability is due to an improper handling of crafted, fragmented IKEv2
packets. An attacker could exploit this vulnerability by sending crafted UDP
packets to the affected system. An exploit could allow the attacker to cause a
reload of the affected system.
Note: Only traffic directed to the affected system can be used to exploit this
vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.
Cisco has released software updates that address this vulnerability. This
advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5tHcP/1IOH5dlfWMZD1qNngUnCWzg
+ck1Cm1V54sMIDvfjFANdElPi8PI1nFnJ7Nmg6RIN33F5RiREIKy1CEgxAS4vIfB
XkgiIGnLhZ+St3R6mgVIHhg+fMJnmBTvxoKwEp/YN1xjNFf4p0hm8B6+KCu8lb0r
gDvzxzLo7KZAABedlm7lpqAOIRMPRxA3BApzqMtkIUD9nHLxxWUZWf1jsD0CzQga
sFMA8HICaGA69Ldh4YIjC/wkOGrstQIdLNB6EES/klriXflD5p+WFb4zIBfy6CK8
WKbp1QOuqRvkGJRwvAXJ8HgS+gkA+jSxFH0i5tUHR2OvJYm9IsMhw2NJtnDLXv8e
UECVlkwslVzac5pGOnpVaK36QYeH5ZAoJuS6Rf6u8kqI/u9mS6qxQzgmZqCWqpkD
LAbExAmPg9mvLU225BCkhPs+8Uhbcm45DDt3IRLcCk80P6dFPXXJQ5HVKFIao7MC
n10+crFbtAx5Pcs2pFARYD+n2QPuP6iYsh90/BAD1VLWhJFfRc7JbAeHPmai/7RH
78ZGClwqY4ApMejnfnpOiH4VOqApPp8erCdm43Kl7BgVaS9W3Ln9vpipZ1jnxkKq
psyLfpDp5ffN/hkO7XkTEOmPK0frypBo2MvcpmAKUuJKhwlGnW5Fc/48s1YoIjRk
JlU3J3x8YkKFgxVTKLVu
=uD60
-----END PGP SIGNATURE-----
------------------------------
Message: 4
Date: Wed, 23 Mar 2016 14:35:35 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software Smart Install Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of
Service Vulnerability
Advisory ID: cisco-sa-20160323-smi
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
The Smart Install client feature in Cisco IOS and IOS XE Software contains a
vulnerability that could allow an unauthenticated, remote attacker to cause a
denial of service (DoS) condition on an affected device.
The vulnerability is due to incorrect handling of image list parameters. An
attacker could exploit this vulnerability by sending crafted Smart Install
packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst
switch to reload, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability other than disabling Smart
Install functionality on the vulnerable device.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU7AAoJEK89gD3EAJB5q20P/in7eAKdRpzbhxKKTtgTdB1G
swqyajq6ny5JYarnyGUewUsHDViY5+Nsn1LHoqZR+FTONcTbdPVAK7Bg4K8Zlyzc
YJoDN6mBrFt4tBAMQ8OnNUyykEQOj8sLWNp+vHJXNQfG9DkLBPNexTNeUXnIUIJ4
ErLfEhP42PAgnh0LQDv7KwcvwFEHuRxmNgvrjSmBGCujQLwRWuIDIQNglJ3iM9Hl
SsOeKbtkGuOSd34hfQWER3nUxckNexR7vheFIdG1FAXluwLH7LLYx4UngZtneyIU
g/XDPBZ93kvE5BGxP3bXGzL8fZKRgqzO7y9+nk+21wiCKgfScB53u6SRK8zio6oW
LzrJJGlJf05Oj3lBACthDxHQMB0K1gSOFfAH88T4Q7JcTqEglL8Z0Wt/PnYkkh0e
m97/bhTCoq6s6kWOwd2y68h65QVkHzizkhR2iqU0ZV/2sckVbvsJKHcGKnSZp0si
qsrTrlm0jcGD+PGM1f1oGu6C6buzyO5ZcE2RXRDllloVaPvwMnh2CWvrJpBDOsqd
qBXyFBiuEBGkUECroOEnBALNiIZ/n6V87rqBKINQWq4XQqiO0+Mqn/QBhCPZfv83
ZpAxtGiKyOnoMKS3CNjRJV/+lRH65Oy1f51kmFlGiZEaYnZ3Mqq0ikXVO5SNKDQR
1ze7mSr6cgQNQphyiDnv
=joeO
-----END PGP SIGNATURE-----
------------------------------
Message: 5
Date: Wed, 23 Mar 2016 14:36:07 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and NX-OS Software
Locator/ID Separation Protocol Packet Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation
Protocol Packet Denial of Service Vulnerability
Advisory ID: cisco-sa-20160323-lisp
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Locator/ID Separation Protocol (LISP) of Cisco IOS
Software running on the Cisco Catalyst 6500 and 6800 Series Switches and Cisco
NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches
with an M1 Series Gigabit Ethernet Module could allow an unauthenticated,
remote attacker to cause a reload of the vulnerable device.
The vulnerability is due to a lack of proper input validation when a malformed
LISP packet header is received. An attacker could exploit this vulnerability by
sending a malformed LISP packet on UDP port 4341. An exploit could allow the
attacker to cause a denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5IbQQALgBYRKsbfb0HRq6PwrX6hXZ
YSGvdheiu6Rk4qRM2xGrM0wX2pzux7iEiP2j9Ts9bhCs6Fhkh7RDWdSN06p8PzOy
pxaKtqIDnG838mhhDtoGkKB2LW+KpMK/5LxC5vWXXhYJ9BqaGZUXWUQQOgPfmfVP
mkYUwc3VrvEOfvrEE5DGgjrNcXWb6WzJPEyDW6icTOftl5m1Rx80Jstf9aPx72Dl
MYA7VuzzeBb4jl4E9/QyOEXw9m4l0cuk98LLlbDSu/Cn01hEUjLruWUubANxmxDk
IZv8hk7aJcLUQd5J3Go0YYZWWUq9rvivguO7wzlp7bXBr6q/XNieFqZl0T6AMuBz
tdA+FYfPbkbqNnbxodcSzphICVMFHX0SINBHVlstMfWzjwnHrgipa1NPDEBLDoxk
lglefU5zDxlM34Bh5+HSXQlRqLqfOhoKpStUX00DK68LtovElLQtfFRswmFtIaMK
aunBRXLFfA1rig6s2kPC6eyovYGPaph/744EfXcrSL1h5VKEBhFCRa8bDY7TpeyV
ZgFDWYA6vE0goEbHGH9f3L19NNrWD19t4IqhPdPkukgMZJixjU73tJwBYxKDwuAZ
lsvyK7iJrfu4zbzJ7+Cr16erk8zxBPWgT7KqDwU+rxYRet/Q7RxhNtwOYbWZfoBm
OhYo0ifUMRG2+AMJMsZI
=v8Kq
-----END PGP SIGNATURE-----
------------------------------
Message: 6
Date: Wed, 23 Mar 2016 14:36:38 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS Software Wide Area
Application Services Express Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services
Express Denial of Service Vulnerability
Advisory ID: cisco-sa-20160323-l4f
Revision 1.0
For Public Release 2016 March 23 16:00 GMT
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Wide Area Application Services (WAAS) Express feature of
Cisco IOS Software could allow an unauthenticated, remote attacker to cause an
affected device to reload.
The vulnerability is due to insufficient validation of TCP segments. An
attacker could exploit this vulnerability by routing a crafted TCP segment
through an affected device. A successful exploit could allow the attacker to
cause the affected device to reload, causing a denial of service (DoS)
condition.
To exploit this vulnerability, the attacker needs to route a crafted TCP
segment through an egress interface of a device because the vulnerable function
is an output feature of the software. In addition, the WAAS Express feature
must be enabled on the interface, typically a WAN interface. In most
deployments, this means crafted traffic must be initiated from within a device
to exploit the vulnerability.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f
This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS
XE Software Security Advisory Bundled Publication, which includes six Cisco
Security Advisories that describe six vulnerabilities. All the vulnerabilities
have a Security Impact Rating of "High." For a complete list of advisories and
links to them, see Cisco Event Response:
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5gd8QAKIvLg7vwXD/HuiRHNVVG69u
rvYEQjI1/fBYFUOba4oX31JcMvgSo1+SLDnpXGLrhnbE0+tZXUcDatTGARsaUYMs
4sC57yPf8gQe7kCujGf1Pkc18nF3qoVNKVwsMIpvBKLWACEg5QCRdHRWu/wJ5XhW
q/PkwC5O16gtNC7CaQ6RKO2tnRJhvknJ6xsOii9YA7djSVVZw5Tzqnpvi6E5ztn2
OTFKqRq42h0WS7i2FPEcJlZVrGclrh2dRczlSFjzhK+VeRgLAYEp1brGUwc02KkJ
n9QWn/B1tlfm1Rft2mGFyggpgVvGQkCtsRZIII8ZoFOHwXegdFF7/U62upj8u6zf
T1JrtnAdSCGkRdVjLXH+VKdG0+Jgi9xqXrjP7XC2xsUxhXl4WO1gzKPFD1w8zrcA
68E6aN/jFIJbXDEMTZRRKnoPCt2cIS90aPfukDNA/6xXx1j80+NxWNEPLE7MSgpy
woj5zr/1wEsb3ndjXkEQpxLQVeRr3nybrRpPEYVnmwRpZRq4AsZDYemv0i2i9frq
R3CB4vMmdah2A+jZXImMIfYt4HHLcndbYgCd7+CtfXdnLZugoKaIG65HYuRfImyJ
ND+ERscodpJo99ojNETIpwtraJ4VvDkqC7Mv2cuWBVJG3tD0LOmSJs+HWOQuxtxC
XDxVegi2KshtmhYIImHY
=UTvK
-----END PGP SIGNATURE-----
------------------------------
_______________________________________________
sanog mailing list
[email protected]
https://lists.sanog.org/mailman/listinfo/sanog
End of sanog Digest, Vol 50, Issue 9
************************************
