exploit the possibilities

Cisco Security Advisory 20160804-wedge

Cisco Security Advisory 20160804-wedge
Posted Aug 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.

tags | advisory, remote, denial of service, protocol
systems | cisco
MD5 | 0603b00297fbcd9e1b654faec7df9090

Cisco Security Advisory 20160804-wedge

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability

Advisory ID: cisco-sa-20160804-wedge

Revision 1.0

For Public Release 2016 August 4 16:00 GMT

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXoyuaAAoJEK89gD3EAJB5jS0QALlocwEtAhJ6ELVX3IT6HAC5
FKlc3zknV5KswMHqsbDjQsD2GAfEntDoO8Riu78lWSexO99Pu/VfRafKUJKcHEUo
wBYQQ33X4sLEgGXMIXUbAxMFCpAxdlIuEzevo8HUj+LiMZWZNN1UJOpsFzBZGx3Q
b6XNpGnMup88326DIcTJwUo3DGs7jAPvidlBjS5VPHqE43hvMy7FCqBTMQXdE7E3
6xVR9A8E4BdVPy/WyBjKI5TVOvaB2qoPYaaLmdzvsGaM5LnVw1qPFLwe1xY7dI9m
+P+iN5ruvY9GM1WzJL8Yt7ngKmIbr7VC7vQc0kRPe9Mk+ZsuibR4Se12RADvdYfB
CTYeDNES93fV1KxdGNFy2+XJSIcK3VYusto4sTRcKLmUfkHd/ahXNjuoGoqkvFYD
+wq+1GylK2EUvOThjPEGuBgEG8HaNnp0UaYHqKCcUEzayCthygv0oN2Xiy4cEoJb
002reFlEN8s2puJknuEpcywoWNMOGFWSf2jN2kL4mHo6WIldQJqTOy7DHNLLt9UA
aZNXUzhFavF6KXrAMQ3DiTx0nwV9CVaJq9yvyC1iXDA/ySvkHERoODpP7epmhMqW
FZTfAxeusPbktEMeAXThVj/SrkwCmzlrvs+pzk8kAa1ycz/7nJkHENiDCLlUk+zR
fapmFudsB1x/rUftQUNf
=4KvY
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close