Executive Summary

Title Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
Name cisco-sa-20161005-dhcp1 First vendor Publication 2016-10-05
Vendor Cisco Last vendor Modification 2016-10-05
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash.

This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1

BEGIN PGP SIGNATURE Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5aJAP/iqU3jgnj8/ZfH9bDtTZzo/J lgymui54AgbK11rUmqDyzsPctHTzb/RONGNvozEMT29MgTw/5YKXGdEEdJpEcTRB n0btkc/5HJM0kS0wICLCQgwNdlmj+ERYuNIV8q9VwyPOSKoNQy/kKt4QRyzc2lbI E8nnrEyZZHYtt/eP7Ltgpy2YnXsP+ejzc8jPTYQXJiPById/mOINSjo+iw5Pr6O1 0L2De/WsiDHsWyBnOlljktupLWwxwVSNIYGO6nibMc7R878oB7MQs5/OymQq1CGH b2ed5nROf5QtFdo+pgRCjXw/87j40BNr1IKcCd7U9fzvzIGxF5JxDQ8lyzEJ5N/5 DOOlfa0CtQ4qwaP6lwOsO1mNrUjcNCDugmICucNo01VGyAReMLy+4vQBmD9AkByU cq51vQXe5C3PyU4quaDK15Ix1DM5Q3FJKRyaJ+6ScA0I27L9BSel7XamI9+IrD3N S9VKpjcZvXSauwfyQlnKilBNiQxbzQpt6a8UcX/EOx/sEu+G+fa64gPRcdi6nTKQ RTj+iqttSRJujQqYWVB1/5xK/VhNu3T8J7KssmS/gFXxmpCGebZLNT9ooiQQk2UY a6gaFcsNladvhr4Y8nltV+jLpCal9vD8og7B6dd0EU8XMvUxTTftP/xJANNghCa4 ks2Moj0fJ6Nfk7DYr8GW =uwR9 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

Os 105

Snort® IPS/IDS

Date Description
2016-03-14 Cisco NX-OS DHCP option parsing denial of service attempt
RuleID : 37426 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2016-11-22 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20161005-dhcp1-nxos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-11-23 13:25:43
  • Multiple Updates
2016-10-14 00:25:22
  • Multiple Updates
2016-10-06 09:25:22
  • Multiple Updates
2016-10-05 21:21:57
  • First insertion