Executive Summary

Title: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
Name: cisco-sa-20161005-dhcp2
First vendor Publication: 2016-10-05
Vendor: Cisco
Last vendor Modification: 2016-10-05
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability SubScore: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score: 7.8
Attack Range: Network
Cvss Impact Score: 6.9
Attack Complexity: Low
Cvss Exploit Score: 10
Authentication: None Required


A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash.

This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2


Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

Os 104

Snort® IPS/IDS

Date Description
2016-03-14 Cisco NX-OS zero length DHCP VPN suboption denial of service attempt
RuleID : 37414 - Revision : 2 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2016-11-22 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20161005-dhcp2-nxos.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2016-11-23 13:25:43
  • Multiple Updates
2016-10-08 00:24:51
  • Multiple Updates
2016-10-06 17:25:22
  • Multiple Updates
2016-10-05 21:21:58
  • First insertion