Cisco ASR 1000 Series Router L2TP/IPv4/IPv6/SIP/H.323 Processing Bugs Let Remote Users Cause the Target System to Crash : 8/28/2015 9:38:16 PM
Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >> From our sponsors |
Vulnerability Databse |
This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
Cisco ASR 1000 Series Router L2TP/IPv4/IPv6/SIP/H.323 Processing Bugs Let Remote Users Cause the Target System to Crash
8/28/2015 12:00:00 AM
Cisco ASR 1000 Series Router L2TP/IPv4/IPv6/SIP/H.323 Processing Bugs Let Remote Users Cause the Target System to Crash |
SecurityTracker Alert ID: 1033410 |
SecurityTracker URL: http://securitytracker.com/id/1033410 |
CVE Reference: CVE-2015-6267, CVE-2015-6269, CVE-2015-6270, CVE-2015-6271, CVE-2015-6272 (Links to External Site) |
Date: Aug 28 2015 |
Impact: Denial of service via network |
Fix Available: Yes Vendor Confirmed: Yes |
|
Description: Multiple vulnerabilities were reported in Cisco ASR 1000 Series Routers. A remote user can cause the target system to crash. A remote user can send a specially crafted packet to cause the target Embedded Services Processor (ESP) to crash and the target device to reload. Layer 2 Tunneling Protocol (L2TP) processing is affected [CVE-2015-6267]. The vendor has assigned bug IDs CSCsw95722 and CSCsw95496 to this vulnerability. IPv4 and IPv6 processing is affected [CVE-2015-6269]. The vendor has assigned bug ID CSCsw69990 to this vulnerability. IPv6 processing is affected [CVE-2015-6270]. The vendor has assigned bug ID CSCsv98555 to this vulnerability. SIP processing on systems configured with Network Address Translation Application Layer Gateway (NAT ALG) are affected [CVE-2015-6271]. The vendor has assigned bug IDs CSCta74749 and CSCta77008 to this vulnerability. H.323 processing on systems configured with NAT ALG or the Firewall feature are affected [CVE-2015-6272]. The vendor has assigned bug IDs CSCsx35393, CSCsx07094, and CSCsw93064 to this vulnerability. |
Impact: A remote user can cause the target system to reload. |
Solution: The vendor has issued a fix. The vendor's advisories are available at: http://tools.cisco.com/security/center/viewAlert.x?alertId=40684 http://tools.cisco.com/security/center/viewAlert.x?alertId=40686 http://tools.cisco.com/security/center/viewAlert.x?alertId=40687 http://tools.cisco.com/security/center/viewAlert.x?alertId=40688 http://tools.cisco.com/security/center/viewAlert.x?alertId=40689 |
Vendor URL: tools.cisco.com/security/center/viewAlert.x?alertId=40684 (Links to External Site) |
Cause: State error |
Underlying OS: |
|
Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
Diberdayakan oleh Blogger.