CISCO : Cisco IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.106146

Kategorie: CISCO

Titel: Cisco IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability

Zusammenfassung: A vulnerability in Border Gateway Protocol (BGP) message processing;functions of Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device;to reload.;;The vulnerability is due to improper processing of crafted BGP attributes. An attacker could exploit this;vulnerability by sending crafted BGP messages to an affected device for processing when certain conditions;are met. A successful exploit could allow the attacker to cause the affected device to reload, resulting in;a denial of service (DoS) condition.;;Possible workarounds for this issue include setting a maxpath-limit value for BGP MIBs or suppressing use of;BGP MIBs.

Beschreibung: Summary:
A vulnerability in Border Gateway Protocol (BGP) message processing
functions of Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device
to reload.

The vulnerability is due to improper processing of crafted BGP attributes. An attacker could exploit this
vulnerability by sending crafted BGP messages to an affected device for processing when certain conditions
are met. A successful exploit could allow the attacker to cause the affected device to reload, resulting in
a denial of service (DoS) condition.

Possible workarounds for this issue include setting a maxpath-limit value for BGP MIBs or suppressing use of
BGP MIBs.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.9

CVSS Vector:
AV:N/AC:H/Au:S/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1459
BugTraq ID: 91800
http://www.securityfocus.com/bid/91800
Cisco Security Advisory: 20160715 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp
http://www.securitytracker.com/id/1036321

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.106146
Kategorie:	CISCO
Titel:	Cisco IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability
Zusammenfassung:	A vulnerability in Border Gateway Protocol (BGP) message processing;functions of Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device;to reload.;;The vulnerability is due to improper processing of crafted BGP attributes. An attacker could exploit this;vulnerability by sending crafted BGP messages to an affected device for processing when certain conditions;are met. A successful exploit could allow the attacker to cause the affected device to reload, resulting in;a denial of service (DoS) condition.;;Possible workarounds for this issue include setting a maxpath-limit value for BGP MIBs or suppressing use of;BGP MIBs.
Beschreibung:	Summary: A vulnerability in Border Gateway Protocol (BGP) message processing functions of Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of crafted BGP attributes. An attacker could exploit this vulnerability by sending crafted BGP messages to an affected device for processing when certain conditions are met. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Possible workarounds for this issue include setting a maxpath-limit value for BGP MIBs or suppressing use of BGP MIBs. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.9 CVSS Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1459 BugTraq ID: 91800 http://www.securityfocus.com/bid/91800 Cisco Security Advisory: 20160715 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp http://www.securitytracker.com/id/1036321
Copyright	Copyright (C) 2016 Greenbone AG