Send sanog mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sanog.org/mailman/listinfo/sanog
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of sanog digest..."
Today's Topics:
1. Cisco Security Advisory: Cisco IOS and IOS XE Software
Internet Key Exchange Version 1 Fragmentation Denial of Service
Vulnerability (Cisco Systems Product Security Incident Response Team)
2. Cisco Security Advisory: Cisco IOS and IOS XE Software IP
Detail Record Denial of Service Vulnerability
(Cisco Systems Product Security Incident Response Team)
3. Cisco Security Advisory: Cisco IOS and IOS XE Software
Multicast Routing Denial of Service Vulnerabilities
(Cisco Systems Product Security Incident Response Team)
4. Cisco Security Advisory: Cisco IOS and IOS XE Software Smart
Install Memory Leak Vulnerability
(Cisco Systems Product Security Incident Response Team)
----------------------------------------------------------------------
Message: 1
Date: Wed, 28 Sep 2016 12:25:52 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software Internet Key Exchange Version 1 Fragmentation Denial of
Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange
Version 1 Fragmentation Denial of Service Vulnerability
Advisory ID: cisco-sa-20160928-ios-ikev1
Revision: 1.0
For Public Release: 2016 September 28 16:00 GMT
+------------------------------------------------------------------------------
Summary
=======
A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation
code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote
attacker to cause an exhaustion of available memory or a reload of the affected
system.
The vulnerability is due to the improper handling of crafted, fragmented IKEv1
packets. An attacker could exploit this vulnerability by sending crafted UDP
packets to the affected system. An exploit could allow the attacker to cause a
reload of the affected system.
Note: Only traffic directed to the affected system can be used to exploit this
vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1
This advisory is part of the September 28, 2016, release of the Cisco IOS and
IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco
Security Advisories that describe 11 vulnerabilities. All the vulnerabilities
have a Security Impact Rating of High. For a complete list of the advisories
and links to them, see Cisco Event Response: September 2016 Semiannual Cisco
IOS and IOS XE Software Security Advisory Bundled Publication.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB56nIP/3nkibZCUPqC2Aki8HhkABUi
CsKrKk/a/eG1Y+4yGM2pFIfUwVXUX8cjIus14c418CxuePCNZf/u8WcNcKnd+QNa
WahXGn2krIlas7g8kJP8Pvk8nVyxYF10nR8MPQDjCyGXmuAbRdkuPUjEopDkMr4R
xabgu/jL7M+ZEfnwbGZRhq3jMBiHxKhOSZO3qDZYKOMB3KALQBPL4GiRGO1eHrzs
F6ZE6/l4d5GvtiSeD8WJ1A8oY3gSo6qD7VZcnDq3ZvHN2Elnc9WRs28CN70eh+xz
VQDN7+Vm2GqvRgRSGtypk7vLmaeUnZEXQ5jpJHQFgTnp7n4elVH4dC2DmF1bYd/m
M220xbScBKvVjjUihQechgTsINwkBbARAnuTlN+IL/2FQqF+XEmSMLzEgvTMD/gn
aNk48i8Vx2nAPd8lzi5Ab2mvX14ss/tonnz6behCd5uqKU0UZ18bUEqc2haYAAM4
iWiE4K4SqorOHZwcpWSsJ7Vs72wmXRYnxzD2A2meTskyLQo5cJP6eqkK7Tadqf18
ao3Ao4hdVbkRVEMnhG9N1oVB5X9GAIsUMfeWEA/nKuomLLO37NgDEc8Rg278W6og
SH75yARDeViyDQg7+AlZnlJlB82+ORgMlsJFBUD3hKhCQYX4Ou3GU5BccPxY4KAQ
oWNuau9ap2FXdMVrW4gl
=Ku7Q
-----END PGP SIGNATURE-----
------------------------------
Message: 2
Date: Wed, 28 Sep 2016 12:26:24 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software IP Detail Record Denial of Service Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software IP Detail Record Denial
of Service Vulnerability
Advisory ID: cisco-sa-20160928-ipdr
Revision: 1.0
For Public Release: 2016 September 28 16:00 GMT
+------------------------------------------------------------------------------
Summary
=======
A vulnerability in the IP Detail Record (IPDR) code of Cisco IOS and IOS XE
Software could allow an unauthenticated, remote attacker to cause an affected
system to reload.
The vulnerability is due to improper handling of IPDR packets. An attacker
could exploit this vulnerability by sending crafted IPDR packets to an affected
system. A successful exploit could cause the device to reload, resulting in a
denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr
This advisory is part of the September 28, 2016, release of the Cisco IOS and
IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco
Security Advisories that describe 11 vulnerabilities. All the vulnerabilities
have a Security Impact Rating of High. For a complete list of the advisories
and links to them, see Cisco Event Response: September 2016 Semiannual Cisco
IOS and IOS XE Software Security Advisory Bundled Publication
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB5cTAQANacywd8Tm+umYNn6ThhV79U
zon3EGAw0Ip0P7yivkLEbcreVBnzKYNPfI4MFcx8LoPjRIrdQ9zz5BaaMHQ0iuwE
48INPpKt770/Ch09xeJ3VFoMYis4KuTt1LxxFF0GmotIMb2j0tWptgTaKgzRbZkS
ucskkvlzpzCGXULeYM5WbumoLG8r/shZq9YqhvTHeiunf346t76ouAxoJhM81EdA
yyT8PDDrU7fpJt5yOUkQ/fqWW9jERoQMHOjSs2rtdQKNhERsm4jR0IWgkAz8GVAq
eOAusgNBGrghvGpKDyskuBHewxwRO6VxY9YOnZIr8z3cimsuzd94qQ1iRxNpHXPP
t5kWlj3Rf2zz0ygTV7Ed7mTRBgzBdVA9gtvbDLGAg4d9MCU/axSeS95iHRRzxOeQ
Q3gjb1+uGW1yiNaf9QQ0X3OzPiqF3VLBeuhXXFAXRpMuPMRwCP14ZeIr6QtbvPj2
aiJUKDpRU9qewl4e508a2YR4Z5MWQERqpa4uFDHkgmT0QSYQVZjeFWI0AlBDFGkd
VmNpqZsleXkrJQIGCo6On+Y5f7XAHPiii6LtWIFD46mMLtqGfkxnFduIR+b149e1
+ZxjmBRtLnyd1azIy6NRAwn+5pACLI4Zc4HsNmxuDZVxjEiH+TzR8IZ7xkfu8d1f
MRHUGwKUgzfjgDJhIh8B
=Ajyx
-----END PGP SIGNATURE-----
------------------------------
Message: 3
Date: Wed, 28 Sep 2016 12:26:56 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software Multicast Routing Denial of Service Vulnerabilities
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20160928-msdp
Revision: 1.0
For Public Release: 2016 September 28 16:00 GMT
+------------------------------------------------------------------------------
Summary
=======
Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE
Software could allow an unauthenticated, remote attacker to create a denial of
service (DoS) condition. The issues are in IPv4 Multicast Source Discovery
Protocol (MSDP) and IPv6 Protocol Independent Multicast (PIM).
The first vulnerability (Cisco bug ID CSCud36767) is due to insufficient
checking of MSDP Source-Active (SA) messages received from a configured MSDP
peer. An attacker who can send traffic to the IPv4 address of a device could
exploit this vulnerability by sending a packet designed to trigger the issue to
the affected device. A successful exploit could cause the affected device to
restart.
The second vulnerability (Cisco bug ID CSCuy16399) is due to insufficient
checking of packets encapsulated in a PIM register message. An attacker who can
send a malformed IPv6 PIM register packet to a PIM rendezvous point (RP) could
exploit the vulnerability. A successful exploit could cause the affected device
to restart.
Cisco has released software updates that address these vulnerabilities. There
are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp
This advisory is part of the September 28, 2016, release of the Cisco IOS and
IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco
Security Advisories that describe 11 vulnerabilities. All the vulnerabilities
have a Security Impact Rating of High. For a complete list of the advisories
and links to them, see Cisco Event Response: September 2016 Semiannual Cisco
IOS and IOS XE Software Security Advisory Bundled Publication.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB561YQAJOjzfSJejNp1gjlewhIWplx
q16B1gGQVWYLquXpaVrvVvelMZ7pk3JD0zrH2MVh1s/TUNEqtm7oJutt+KWAqoNU
Z7m0+uo/wE8S8AOmZXR1tu9KY+z8sFQp7Te1UetXA+S1F6pz0vy9OhkuwTcZNj/M
SEr30EodtSLpQMC/MktE5gnTB8Bw6hSNYdDg9Q9gLpL9tc8466rSCJ0iM0L+wEYD
7eno/yufeV6KpuabR1tCSVgvEdU/Z5SSWspbaRQbFdgnQyN+Kux7sZ5b4rkhGd0G
SW0GjTkD03ITVlwoiVhIdI0VwA6A8MVgfKRTEqWeNGvwQOOrPUsI5t1u/OW2quqe
oCihEzcVIthTpz1GiKoetpC3mtzxvn3kPRrCNZ4ah4AygUSMGvq4hmwxFvX81i9s
iFecwbSszNLHeEFhyOt8yaPiYpB5w4wmSYGztr4KVWs4pPWKVgrMhpqwqDd4nzmI
5g4sh/AJdQysHznUe5DAFCfPDulJkylZN4MgVQ+pd1RYWvrjTrg5EeRfVhAryiWh
F5mTAGLuESO8QIsk/Vyk2bDcw/sfBcwcbGY6yb+7a7E7KMCllqLzJhI+XncbEyxk
xaJYIbWbofJ46hWqGTz6RHDMjeWUdojruymZmvR+a20cHHT+qCAA5Air7JTlatr9
Oj07cuVQbR2OI4RUrH+p
=fO6P
-----END PGP SIGNATURE-----
------------------------------
Message: 4
Date: Wed, 28 Sep 2016 12:27:28 -0400
From: Cisco Systems Product Security Incident Response Team
<[email protected]>
To: [email protected]
Subject: [SANOG] Cisco Security Advisory: Cisco IOS and IOS XE
Software Smart Install Memory Leak Vulnerability
Message-ID: <[email protected]>
Content-Type: Text/Plain; charset="us-ascii"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory
Leak Vulnerability
Advisory ID: cisco-sa-20160928-smi
Revision: 1.0
For Public Release: 2016 September 28 16:00 GMT
+------------------------------------------------------------------------------
Summary
=======
The Smart Install client feature in Cisco IOS and IOS XE Software contains a
vulnerability that could allow an unauthenticated, remote attacker to cause a
memory leak and eventual denial of service (DoS) condition on an affected
device.
The vulnerability is due to incorrect handling of image list parameters. An
attacker could exploit this vulnerability by sending crafted Smart Install
packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst
switch to leak memory and eventually reload, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There are
no workarounds that address this vulnerability other than disabling Smart
Install functionality on the affected device.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi
This advisory is part of the September 28, 2016, release of the Cisco IOS and
IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco
Security Advisories that describe 11 vulnerabilities. All the vulnerabilities
have a Security Impact Rating of High. For a complete list of the advisories
and links to them, see Cisco Event Response: September 2016 Semiannual Cisco
IOS and IOS XE Software Security Advisory Bundled Publication.
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB5z5cP/jN0FAtH3nzkV5QMMWX42dEB
2kA0Bb2OkL6FUW6zp2mRsGKM8UwpKAOgctHYp0SLpIxQC3SJWCaavIqlYQ3noket
4NEaB+P5wAABkq4m0pxa+NorF6x5VbA2yU4LB7kgofg6Izxso7QtjogPUy5r44Cp
oDV1CGC+oTjfizg2pF0Bj3vxfwv5hz2ZCUWq01fs8OF6N4lVs18deskLtLvEOPo7
1IwyIwJEUuxvR2XjRWbTgTt2HKmdgGSpbw9TVaYcBoMCFr/k1uhvgA3b8KyH2az/
y4Ao6EmgvI2SalJlTpmTPAeNDjSmSbnatq2nA8IOFjSn70OBtMcSPUfbzSZ5wLlw
HnFAkYuBNkzkMsj4+gu5jayQcUVvcxdL5Zco0hGaAYgjUihh0PHfYGBsEkInvdE/
5X4axai/MH/zLDrO7YHwvIPVXjmDra+evSxhl7FTxhIFR22GdJ9VsZE2JdvNuXU/
ddiqF7htiTMzT2GF+zLAL8aQdjnw3Ft/F65U1VR8/Rdxsc5kn8fyKLxmjPiPuyYK
VcoGq2sC5foOBdKXi6k7oaOoYTgiSyTxah5s70GZwirLGfL+6vDVMdaSqljX4ot4
IuhX9fAi0gaMXpGEFEf7SAF4y91Skr2DQWxMWhNkdJ6WFPVXU2aE+G3Y3urjPR/O
cqKVSps53RqSlRhixPBF
=DfQ0
-----END PGP SIGNATURE-----
------------------------------
Subject: Digest Footer
_______________________________________________
sanog mailing list
[email protected]
https://lists.sanog.org/mailman/listinfo/sanog
------------------------------
End of sanog Digest, Vol 56, Issue 8
************************************
