7.8 - cisco-sa-20150325-cip

The Cisco IOS Software implementation of the Common Industrial Protocol (CIP) feature contains the following vulnerabilities when processing crafted CIP packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:

Cisco IOS Software UDP CIP Denial of Service Vulnerability Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability Cisco IOS Software TCP CIP Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the forwarding plane, resulting in an interruption of services on an affected device. Repeated exploitation could result in a sustained DoS condition.

Additionally, successful exploitation of Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability could allow an unauthenticated, remote attacker to cause a memory leak on an affected device.

Cisco has released free software updates that address these vulnerabilities.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html

BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJVEg3EAAoJEIpI1I6i1Mx3gQoQAMgga/GDsaG87OcxdBDP3PS0 VWVup8SutEuU6I0Gb+L/PmUYPTNCq7Tc25Cumoqy6z5K7jqNsmsrjzoFeUR86Ksr GYY1hFEc9M4nOapTzoiNFQAxg8bGxh5u4PemCCg9CbEfqP51ItKUmKKcsmT45YpJ M2uidBLWkPum0bcfAvD7JMox/luzMFyAiLnb0IJj217hMVr1OmZou66V8cQfWZZl He+pT5WcPKd116GAB3Gb7B0lcEHduTQAb2psSrPOPJLE4bOwBtyuC17wjCoblQKh W1SLIddEDTUHIkvKt71ZKjvARIiwdEFnZWd9QoH9DygSvTPoooN168Ub5S9rqVDy E84p7pJf0FSyAFrXqTdl0vZHIFmZlDwGZnablle1+E878im49dDY2mSLVEQs21Pr V1iu6R9o+affi4MLFPAQSf1zTx6r6zotCO0Rnp33QfFo97UdLyL7I2qtpZhSczGU 4wTySD8qvM/02rUvszWg/YoJ12A7IU5YMjCXb/Lfkd6UYK/go4BA3BuqZAqSuvAN AWq6MEdOsV4uuchVm0ha1YgdQzt9vNveR4twYpSiQZ0MnzcB9020nLlHmVAB3+lY d04mKF1SMQ568mfes8/lNt0fefc6XkVvrZeIk+9uNn+irAynRRBZR2wpnvQT/Xev qc1FbxmTWdixlVg1kZL6 =b7Xz END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com