7.8 - cisco-sa-20170322-ztp

A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp"]

This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication ["http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851"].

BEGIN PGP SIGNATURE

iQKBBAEBAgBrBQJY0qLqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHldyhAA4AUlw+TdlwzGjw66 a9A1qiAyLXXUNOACKIzHcNZ9vM0nEnYdi9MrS36J/W3bU4etGzgOkJ6oMt2AOU8V fgykNstP2rcUwn2qiAhL9edrG2iBTG3FVgKaeud/pYobXqHX7U9EgPwxANZkdNez Xt0cCQCa6ENn8MgVbboCZl2AMXhV7rkI45J1a3ecoN/ooZN71TTo/vtYv8nl4khE VxRBLNE3sSSNgE0tcnseoH01kjTzGn2lh5e/RJL/F8OMMTg+sg399HGkxlVF/r0Y 4c5dIad5eg3Ra3X1El8s8r0p8YBmFhvBuO64MYzysT4OYNPOw2dMbtAso/b3vpJf uRkHpOMEPM0Jg+hZBNGyCyUMyipfPmlaUvEIb6o4+vM/uNVwH5qpsgkVXWuCwR64 CR9axg7CJ/LSDoDjWhZIpSUtYNWZxhSFMdOlTZVU9m7idTsQjH1KfQtmqH06uEMc sZIal21mxlv3QiVD606fT/v4NDiZCVllNeSX8zBBMV95zPS7UJ1DO9qOBuF5bGsX 9jyLJr0RMxdCt5LJlsA8vjm6VbgwDxGR3SttZRQO5QESg3bJ3JxJ+fEujcDZFol6 u89nQqUY3b+tBQOj3hOUYz6ztsA2YDoYae0lD/PQ0KxRbcbweADSKlcPy2JBCQi +mduV2xoL7F5JFPL/AMjuurgMZy0= =waSy END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com