Executive Summary

Summary
TitleCisco StarOS IPv4 Fragmentation Denial of Service Vulnerability
Informations
Namecisco-sa-20180711-staros-dosFirst vendor Publication2018-07-11
VendorCiscoLast vendor Modification2018-07-11
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time.

The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbRitpXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczoRoQANYjiL4uMrAFGBRQBgrkM2k3ymvs xgx2ftJA6fC4udVnV7PF4x8n8dUrEjZ3xlNpkXl7h02A9d7Efvm7Gf+IGV1hin6e YGHIgJUBscpWjK+SzETYpqmh0DOek6OjqlCRIlaJxgaCm5Oi9ZAE/Z7GBAVQV/fn gvkWDQHlCwtX1niFxwOM+wfNbulXThBDE14lZyboC6woMcomDBVgVSz0aKu/W5kX yltBvxmRaieEjV9rJgDP3uQdWW5s5WI5etsQ6bZ0kO83jTqHvwsR9GxQSxM4WI2c 2gFHreXBEJD29bh2+51TnzFO3Z54L6ytz2J/gg0BpaZT8Us15aVLuQLkODbXIxl3 uM+MnKhkls6zsI/z79RpqJLmJwCWSszOATjlDPcPjrvvfyroKBvZ/LuZ7Py4ZfpZ Mrdl54/3HBDBXWcRbCegNGrgZW2RXPDV64VCMq2deo7ucRvWwkyaO5wn9a/hAxWx kmDBvhOjIOzVF4z1MaU06hm0sn9eZQu/QLkemtocKIHpsl3iRrDRNrCO+M2kPJzC S6u/dpSddmGGJUyYrOr0JRPy900hG+KKKQSwwElTUZY+Oc9BmGK+w82ahhCMJM0E sXbi9mPj2mSopiIxLZzOxjshCX0qgBHad5WFlnfaUH8mGVp9OabhoAhX5ZhsxC4O 8W9x+jTWimBTgYgA =pRI6 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2018-07-16 21:21:48
  • Multiple Updates
2018-07-11 21:18:40
  • First insertion