CISCO : Cisco NX-OS Software Label Distribution Protocol Message Vulnerability (Cisco-SA-20140123-CVE-2014-0677)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.103888

Kategorie: CISCO

Titel: Cisco NX-OS Software Label Distribution Protocol Message Vulnerability (Cisco-SA-20140123-CVE-2014-0677)

Zusammenfassung: A vulnerability in the Label Distribution Protocol (LDP); message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to; cause an affected device to stop accepting valid LDP sessions during a 60-second period.

Beschreibung: Summary:
A vulnerability in the Label Distribution Protocol (LDP)
message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to
cause an affected device to stop accepting valid LDP sessions during a 60-second period.

Vulnerability Insight:
The vulnerability is due to how certain malformed LDP Hello
messages are parsed. An attacker could exploit this vulnerability by sending malformed LDP Hello
messages to an affected device.

Vulnerability Impact:
An exploit could allow the attacker to cause an affected device
to stop accepting valid LDP sessions during a 60-second period.

Affected Software/OS:
Cisco Nexus 7000 Series Switches running NX-OS 6.2(2)S42.

Solution:
No known solution was made available for at least one year
since the disclosure of this vulnerability. Likely none will be provided anymore. General
solution options are to upgrade to a newer release, disable respective features, remove the
product or replace the product by another one.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-0677
BugTraq ID: 65074
http://www.securityfocus.com/bid/65074
Cisco Security Advisory: 20140122 Cisco NX-OS Software Label Distribution Protocol Message Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0677
http://osvdb.org/102368
http://www.securitytracker.com/id/1029691
http://secunia.com/advisories/56611
XForce ISS Database: cisco-nxos-cve20140677-dos(90623)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90623

Copyright Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.103888
Kategorie:	CISCO
Titel:	Cisco NX-OS Software Label Distribution Protocol Message Vulnerability (Cisco-SA-20140123-CVE-2014-0677)
Zusammenfassung:	A vulnerability in the Label Distribution Protocol (LDP); message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to; cause an affected device to stop accepting valid LDP sessions during a 60-second period.
Beschreibung:	Summary: A vulnerability in the Label Distribution Protocol (LDP) message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop accepting valid LDP sessions during a 60-second period. Vulnerability Insight: The vulnerability is due to how certain malformed LDP Hello messages are parsed. An attacker could exploit this vulnerability by sending malformed LDP Hello messages to an affected device. Vulnerability Impact: An exploit could allow the attacker to cause an affected device to stop accepting valid LDP sessions during a 60-second period. Affected Software/OS: Cisco Nexus 7000 Series Switches running NX-OS 6.2(2)S42. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0677 BugTraq ID: 65074 http://www.securityfocus.com/bid/65074 Cisco Security Advisory: 20140122 Cisco NX-OS Software Label Distribution Protocol Message Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0677 http://osvdb.org/102368 http://www.securitytracker.com/id/1029691 http://secunia.com/advisories/56611 XForce ISS Database: cisco-nxos-cve20140677-dos(90623) https://exchange.xforce.ibmcloud.com/vulnerabilities/90623
Copyright	Copyright (C) 2014 Greenbone Networks GmbH