accept no compromises

Cisco Security Advisory 20170322-ztp

Cisco Security Advisory 20170322-ztp
Posted Mar 22, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
advisories | CVE-2017-3859
MD5 | e1d8a64df5c5d1e4358f2c447f147794

Cisco Security Advisory 20170322-ztp

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability

Advisory ID: cisco-sa-20170322-ztp

Revision: 1.0

For Public Release: 2017 March 22 16:00 GMT

Last Updated: 2017 March 22 16:00 GMT

CVE ID(s): CVE-2017-3859

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp"]

This advisory is part of the March 22, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: March 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication ["http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851"].

-----BEGIN PGP SIGNATURE-----

iQKBBAEBAgBrBQJY0qLqZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHldyhAA4AUlw+TdlwzGjw66
a9A1qiAyLXXUNOACKIzHcNZ9vM0nEnYdi9MrS36J/W3bU4etGzgOkJ6oMt2AOU8V
fgykNstP2rcUwn2qiAhL9edrG2iBTG3FVgKaeud/pYobXqHX7U9EgPwxANZkdNez
Xt0cCQCa6ENn8MgVbboCZl2AMXhV7rkI45J1a3ecoN/ooZN71TTo/vtYv8nl4khE
VxRBLNE3sSSNgE0tcnseoH01kjTzGn2lh5e/RJL/F8OMMTg+sg399HGkxlVF/r0Y
4c5dIad5eg3Ra3X1El8s8r0p8YBmFhvBuO64MYzysT4OYNPOw2dMbtAso/b3vpJf
uRkHpOMEPM0Jg+hZBNGyCyUMyipfPmlaUvEIb6o4+vM/uNVwH5qpsgkVXWuCwR64
CR9axg7CJ/LSDoDjWhZIpSUtYNWZxhSFMdOlTZVU9m7idTsQjH1KfQtmqH06uEMc
sZIal21mxlv3QiVD606fT/v4NDiZCVllNeSX8zBBMV95zPS7UJ1DO9qOBuF5bGsX
9jyLJr0RMxdCt5LJlsA8vjm6VbgwDxGR3SttZRQO5QESg3bJ3JxJ+fEujcDZFol6
u89nQqUY3b+tBQOj3hOUYz6ztsA2YDoYae0lD/PQ0KxRbcbweADSKlcPy2JBCQi+
mduV2xoL7F5JFPL/AMjuurgMZy0=
=waSy
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    10 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close