Executive Summary
| Summary | |
|---|---|
| Title | Cisco StarOS IPv4 Fragmentation Denial of Service Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20180711-staros-dos | First vendor Publication | 2018-07-11 |
| Vendor | Cisco | Last vendor Modification | 2018-07-11 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJbRitpXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczoRoQANYjiL4uMrAFGBRQBgrkM2k3ymvs xgx2ftJA6fC4udVnV7PF4x8n8dUrEjZ3xlNpkXl7h02A9d7Efvm7Gf+IGV1hin6e YGHIgJUBscpWjK+SzETYpqmh0DOek6OjqlCRIlaJxgaCm5Oi9ZAE/Z7GBAVQV/fn gvkWDQHlCwtX1niFxwOM+wfNbulXThBDE14lZyboC6woMcomDBVgVSz0aKu/W5kX yltBvxmRaieEjV9rJgDP3uQdWW5s5WI5etsQ6bZ0kO83jTqHvwsR9GxQSxM4WI2c 2gFHreXBEJD29bh2+51TnzFO3Z54L6ytz2J/gg0BpaZT8Us15aVLuQLkODbXIxl3 uM+MnKhkls6zsI/z79RpqJLmJwCWSszOATjlDPcPjrvvfyroKBvZ/LuZ7Py4ZfpZ Mrdl54/3HBDBXWcRbCegNGrgZW2RXPDV64VCMq2deo7ucRvWwkyaO5wn9a/hAxWx kmDBvhOjIOzVF4z1MaU06hm0sn9eZQu/QLkemtocKIHpsl3iRrDRNrCO+M2kPJzC S6u/dpSddmGGJUyYrOr0JRPy900hG+KKKQSwwElTUZY+Oc9BmGK+w82ahhCMJM0E sXbi9mPj2mSopiIxLZzOxjshCX0qgBHad5WFlnfaUH8mGVp9OabhoAhX5ZhsxC4O 8W9x+jTWimBTgYgA =pRI6 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Alert History
| Date | Informations |
|---|---|
| 2018-09-20 21:21:56 |
|
| 2018-07-16 21:21:48 |
|
| 2018-07-11 21:18:40 |
|
