Test Kennung:	1.3.6.1.4.1.25623.1.0.106298
Kategorie:	CISCO
Titel:	Cisco IOS XE Software DNS Forwarder Denial of Service Vulnerability
Zusammenfassung:	A vulnerability in the DNS forwarder functionality of Cisco IOS XE Software;could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present;in the device's local DNS cache, or read part of the process memory.
Beschreibung:	Summary: A vulnerability in the DNS forwarder functionality of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. Vulnerability Insight: The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by intercepting and crafting a DNS response message to a client DNS query that was forwarded from the affected device to a DNS server. Vulnerability Impact: A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Solution: See the referenced vendor advisory for a solution. CVSS Score: 8.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6380 BugTraq ID: 93201 http://www.securityfocus.com/bid/93201 Cisco Security Advisory: 20160928 Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 http://www.securitytracker.com/id/1036914
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.