Executive Summary

Summary
Title Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability
Informations
Name cisco-sa-20150730-asr1k First vendor Publication 2015-07-30
Vendor Cisco Last vendor Modification 2015-07-30
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet.

The vulnerability is due to improper processing of crafted, fragmented packets. An attacker could exploit this vulnerability by sending a crafted sequence of fragmented packets. An exploit could allow the attacker to cause a reload of the affected platform.

Cisco has released software updates that address this vulnerability.

There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150730-asr1k

BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVbpKZIpI1I6i1Mx3AQIXNBAAsL6aoaOpHNE2zK2WcW3pYgnqUkX67X0K cavUKGkmOfimpZVv803qjKwLNIaBZRwZHRaHn6gMgvJp28DikDaG5cgGXfi77hxq 3t3JlT6bB6CD99vQmRRVjRDnJCKwpTlw7E+VpqPCQdG/4AglpKq1d7VkcZKfhZih 8H0/XY8FWM0x3mfcX7Hv+he1r6ckvXHixtmWWujYt7l6FO54LpECgNkivst730V9 pMaMQaThMIhuljBJVyt3sn57tXMKrV1Fsh4Tir8S2cDrmIQ/kYz09emg8Uxeotpp YM0RoLQoS1SL/49rmCbH6TM4+gv2TNgDKWJIgk47BUZZE8DB9sReBH+cNnetG5J9 dt/+03tVbZ7vADgkfEey0niKQp/Vi400ExGR80FtR9vVoabQBZP2Sy5T0G4KJE+r E6icqfP+keu2ovoEf7IxSBDvDa+0DzXckHz6i8gvi21iJQFRhdjsdWk5OkAomEys rQYTkcpe15UE1WR0xURwEEayN5sXsd0iO0X6f19cdHWSbGe2VMn+1PS3198GKHz1 AYk2NqMBU9tT9M6gH1RmsqNvMBK5zhRuLaJwu5AlFhJkdjZQ7LplMjw0hm2hBqJ2 TetaGNLryB6Av3co13qWUPgTRRjmeiQ1C1Q10KHYJBkwsDty82F6RNvwmcCLq/jp fFoIfOhaFso= =bOtY END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 13

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-08-06 IAVM : 2015-A-0185 - Cisco IOS XE Software for ASR 1000 Series Routers Denial of Service Vulnerabi...
Severity : Category I - VMSKEY : V0061281

Nessus® Vulnerability Scanner

Date Description
2015-08-06 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150730-asr1000-iosxe.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2015-10-18 17:22:10
  • Multiple Updates
2015-08-12 13:32:50
  • Multiple Updates
2015-08-04 17:29:48
  • Multiple Updates
2015-07-30 21:25:54
  • First insertion