CISCO : Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability (Cisco-SA-20140106-CVE-2013-6982)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103879

Categoría: CISCO

Título: Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability (Cisco-SA-20140106-CVE-2013-6982)

Resumen: A vulnerability in the Border Gateway Protocol (BGP); functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause; all BGP sessions on the device to reset.

Descripción: Summary:
A vulnerability in the Border Gateway Protocol (BGP)
functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause
all BGP sessions on the device to reset.

Vulnerability Insight:
The vulnerability is due to the improper processing of
specifically crafted BGP update messages. An attacker could exploit this vulnerability by
crafting a specific BGP-labeled update message.

Vulnerability Impact:
An exploit could allow the attacker to cause all the BGP peers
on a Cisco NX-OS device that are configured with either a VPNv4, VPNv6, or IPv6 labeled unicast
address family to reset.

Affected Software/OS:
Cisco Nexus 7000 running NX-OS 6.2(2)S27.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-6982
BugTraq ID: 64670
http://www.securityfocus.com/bid/64670
Cisco Security Advisory: 20140106 Cisco NX-OS Software Crafted BGP Update Message Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6982
http://osvdb.org/101713
http://www.securitytracker.com/id/1029568
http://secunia.com/advisories/56169
XForce ISS Database: cisco-nxos-cve2013-6982-dos(90119)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90119

Copyright Copyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.103879
Categoría:	CISCO
Título:	Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability (Cisco-SA-20140106-CVE-2013-6982)
Resumen:	A vulnerability in the Border Gateway Protocol (BGP); functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause; all BGP sessions on the device to reset.
Descripción:	Summary: A vulnerability in the Border Gateway Protocol (BGP) functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause all BGP sessions on the device to reset. Vulnerability Insight: The vulnerability is due to the improper processing of specifically crafted BGP update messages. An attacker could exploit this vulnerability by crafting a specific BGP-labeled update message. Vulnerability Impact: An exploit could allow the attacker to cause all the BGP peers on a Cisco NX-OS device that are configured with either a VPNv4, VPNv6, or IPv6 labeled unicast address family to reset. Affected Software/OS: Cisco Nexus 7000 running NX-OS 6.2(2)S27. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6982 BugTraq ID: 64670 http://www.securityfocus.com/bid/64670 Cisco Security Advisory: 20140106 Cisco NX-OS Software Crafted BGP Update Message Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6982 http://osvdb.org/101713 http://www.securitytracker.com/id/1029568 http://secunia.com/advisories/56169 XForce ISS Database: cisco-nxos-cve2013-6982-dos(90119) https://exchange.xforce.ibmcloud.com/vulnerabilities/90119
Copyright	Copyright (C) 2014 Greenbone Networks GmbH