Executive Summary

Title Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability
Name cisco-sa-20161005-otv First vendor Publication 2016-10-05
Vendor Cisco Last vendor Modification 1970-01-01
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the Overlay Transport Virtualization (OTV) Generic Router Encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code.

The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the OTV related process on the affected device.

Cisco has released software updates that address this vulnerability. A workaround to mitigate this vulnerability is available.

This advisory is available at the following link:


BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBV/Jmd689gD3EAJB5AQJKfxAAgQHHRNd10fAZT/Nv9Nd3OarYWZjt9QnE c3Q5KPGZ8yBsoBDp9vGNq3Zu1XRLz9TZJk/2hqs3AOGLsONeyJ+wcce01/zYwdxv wjgXc/qs/fT4uDFSjguCq4alBDJoxA+MCDH9ZYJ1XdykCVoZprcJQFbiRuSkKJJB 0pS1RsmiJ1KXbOpG7oCU/7ptb6gVAMVieTZW530Feu/WXssLA4I8wprNfhdMzW5Q 15KqH+pOZSr831rjBQahnudBB1u5smw/fWWgtRZxo6x3OSbS2drqGaRbNg6qPtl7 m8zdl2Rd++FYEwKm61Xwm7t8x2m2Yh/aHRRGL5bTcit1xFETiadL73hiD2wFoYdR XEIFnYn+7tkIOhq2cS89O+00CYipFTwBBsMpibURVP56nY3xUaiv4AL72bxed0ys afJ1ZctMSLOQRrcjbmzRWFyCjZEjg03SrPOCsCmQRRkl0MPeGCJ/e7gkhE7aYN+B E1dsASbbLHyH0zwkOGMxoDiPHf1UPiSpXN9JpdAZlk6iF5sD4POXhmAtYgyyQIDt 6mZn6hW7HH38hTErrze1rN1IIQiO/qDjowkQuSi5G3SsT3uAGn4Rtz6oZTHzLuYq LT/vX3BK/0WbKII0Zz/Vw4QY1vhx32rgdGzez0H/OKMKMICsi8IvuqXGeOZZC++B CoZE5dSl+VI= =P29o END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Application 46

Nessus® Vulnerability Scanner

Date Description
2016-10-18 Name : The remote device is affected by a buffer overflow vulnerability.
File : cisco-sa-20161005-otv-nxos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-10-19 13:25:47
  • Multiple Updates
2016-10-06 21:25:23
  • Multiple Updates
2016-10-06 17:25:22
  • Multiple Updates
2016-10-05 21:22:01
  • First insertion