Executive Summary
| Summary | |
|---|---|
| Title | Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20160525-ipv6 | First vendor Publication | 2016-05-25 |
| Vendor | Cisco | Last vendor Modification | 2016-05-25 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0XLn689gD3EAJB5AQKJKxAAnJ91wZ0Ag79YXUfK9+5K/Vw25Z+FSOhe cElgkCsqW7DWhD/C1kkikheTBu7a56vvwTJFYNpO9ikYcY++g7WhrNW1ZMhlGz/C rQD2QD6RTSTdnWswco9CWqArtAXWEXOfgZsrrcJWNVi3klEuNKOaGMmQP+6Indgr Vdx7YD00XHlXN4c6ym28Ax7WP0RSFiEGvrHcniN2moH71nbQrOgNuOK1Bdzg3DiK Lz3LSqvastJ5HSkDYoDBuEe9GKLQPnlAo6wovsiH0hu+mD+BlMHlyI8R2Pdt3Wlv 8hqgkg825yeWdYQbrUq8ypG3ZKwoGqMW4skgzBGYUkYUqYw/ZChxtYR499tPUp43 e7dgpfMtU7kNJoPpGFuJFozCstqcM/+YAywyC6YywEhPJS7ns5NTQvybKjY6C32O Df4HZVbB45R/RZkmOBaVVlFq2fZ0DLRczAbmUm8is1E65UfQADSl8Pllraymfk4D GmK/llGmv2QOekmpF/+m86RxbBrJgf24JrbrOzORAofz4MGnAOH4TmkMd0nQj/HI 1YYyIP098gXVX/tQtSRYjgbsg3EjhRzVEsQ5w3DTTvpv2+A0d5XlfZWJ0RKC0IZ +nC6qPcS/Smc/gAj2VOH1EaayspAFVuLkYL+wk45HXT9YqX9ifjBypco+26664+Ap mFegCw21dbc= =66eS END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-05-27 | Cisco IOS NX invalid ICMPv6 neighbor discovery hop limit denial of service at... RuleID : 39065 - Revision : 1 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-06-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_jsa10749.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2016-06-08 17:42:58 |
|
| 2016-05-25 21:25:36 |
|
