Executive Summary

Summary
Title OSPF LSA Manipulation Vulnerability in Multiple Cisco Products
Informations
Name cisco-sa-20130801-lsaospf First vendor Publication 2013-08-01
Vendor Cisco Last vendor Modification 2013-08-01
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:P)
Cvss Base Score 5.8 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic.

The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability.

Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2.0.19 (Darwin)

iF4EAREKAAYFAlH6SCkACgkQUddfH3/BbTpGpgD+MsCo7uFqgGLIay4UOkjNFB13 QpWKflcEOL6WAJfNIzIA/jTODW/TkM9KSixhd/CewRqjwuJ4lPGnWAGV+AXxb1BQ =Vnj7 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25963
 
Oval ID: oval:org.mitre.oval:def:25963
Title: SUSE-SU-2014:0879-1 -- Security update for quagga
Description: Quagga received an update fixing two security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0879-1
CVE-2013-2236
CVE-2013-0149
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): quagga
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 8
Hardware 1
Os 487
Os 62
Os 1
Os 6
Os 1

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-08-21 IAVM : 2014-B-0113 - Cisco NX-OS Software Remote Security Bypass Vulnerability
Severity : Category I - VMSKEY : V0053881
2013-10-17 IAVM : 2013-A-0195 - Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity : Category I - VMSKEY : V0040781
2013-08-15 IAVM : 2013-B-0086 - Cisco StarOS Remote Security Bypass Vulnerability
Severity : Category I - VMSKEY : V0040039
2013-08-15 IAVM : 2013-A-0157 - Cisco ASA and Pix Firewall Remote Security Bypass Vulnerability
Severity : Category I - VMSKEY : V0040041
2013-08-15 IAVM : 2013-A-0159 - Cisco IOS XE Remote Security Bypass Vulnerability
Severity : Category I - VMSKEY : V0040042

Nessus® Vulnerability Scanner

Date Description
2013-09-20 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_quagga-130822.nasl - Type : ACT_GATHER_INFO
2013-08-16 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20130801-lsaospf-asa.nasl - Type : ACT_GATHER_INFO
2013-08-16 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20130801-lsaospf-ios.nasl - Type : ACT_GATHER_INFO
2013-08-16 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20130801-lsaospf-iosxe.nasl - Type : ACT_GATHER_INFO
2013-08-16 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20130801-lsaospf-nxos.nasl - Type : ACT_GATHER_INFO
2013-08-02 Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10582.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2015-10-18 17:22:06
  • Multiple Updates
2014-02-17 10:22:10
  • Multiple Updates
2013-11-11 12:37:33
  • Multiple Updates
2013-08-05 21:23:44
  • Multiple Updates
2013-08-01 21:20:03
  • First insertion