CISCO : Cisco IOS Software RSVP Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.105685

Kategorie: CISCO

Titel: Cisco IOS Software RSVP Vulnerability

Zusammenfassung: A vulnerability in the implementation of the Resource Reservation Protocol; (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause; the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition.;; Cisco has released software updates that address this vulnerability.;; A workaround that mitigates this vulnerability is available.;; Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories.; All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response:; Semiannual Cisco IOS Software Security Advisory Bundled Publication at the referenced links.

Beschreibung: Summary:
A vulnerability in the implementation of the Resource Reservation Protocol
(RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause
the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability.

A workaround that mitigates this vulnerability is available.

Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories.
All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response:
Semiannual Cisco IOS Software Security Advisory Bundled Publication at the referenced links.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-3354
BugTraq ID: 70131
http://www.securityfocus.com/bid/70131
BugTraq ID: 70183
http://www.securityfocus.com/bid/70183
Cisco Security Advisory: 20140924 Cisco IOS Software RSVP Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
http://www.securitytracker.com/id/1030893
XForce ISS Database: ciscoios-cve20143354-dos(96178)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96178

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.105685
Kategorie:	CISCO
Titel:	Cisco IOS Software RSVP Vulnerability
Zusammenfassung:	A vulnerability in the implementation of the Resource Reservation Protocol; (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause; the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition.;; Cisco has released software updates that address this vulnerability.;; A workaround that mitigates this vulnerability is available.;; Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories.; All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response:; Semiannual Cisco IOS Software Security Advisory Bundled Publication at the referenced links.
Beschreibung:	Summary: A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the referenced links. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3354 BugTraq ID: 70131 http://www.securityfocus.com/bid/70131 BugTraq ID: 70183 http://www.securityfocus.com/bid/70183 Cisco Security Advisory: 20140924 Cisco IOS Software RSVP Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp http://www.securitytracker.com/id/1030893 XForce ISS Database: ciscoios-cve20143354-dos(96178) https://exchange.xforce.ibmcloud.com/vulnerabilities/96178
Copyright	Copyright (C) 2016 Greenbone AG