ID de Prueba:	1.3.6.1.4.1.25623.1.0.106315
Categoría:	CISCO
Título:	Cisco IOS XE Software Smart Install Memory Leak Vulnerability
Resumen:	The Smart Install client feature in Cisco IOS XE Software contains a;vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial;of service (DoS) condition on an affected device.
Descripción:	Summary: The Smart Install client feature in Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service (DoS) condition on an affected device. Vulnerability Insight: The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. Vulnerability Impact: A successful exploit could cause the device to leak memory and eventually reload, resulting in a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6385 BugTraq ID: 93203 http://www.securityfocus.com/bid/93203 Cisco Security Advisory: 20160928 Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 http://www.securitytracker.com/id/1036914
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.