CISCO : Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.105745

Kategorie: CISCO

Titel: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Zusammenfassung: A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software,; Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated,; remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of; service (DoS) condition on the device.;; The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent; to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6; Neighbor Discovery packets to an affected device for processing. A successful exploit could allow; the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on; the device.;; Cisco will release software updates that address this vulnerability. There are no workarounds that; address this vulnerability.

Beschreibung: Summary:
A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software,
Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated,
remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of
service (DoS) condition on the device.

The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent
to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6
Neighbor Discovery packets to an affected device for processing. A successful exploit could allow
the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on
the device.

Cisco will release software updates that address this vulnerability. There are no workarounds that
address this vulnerability.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1409
BugTraq ID: 90872
http://www.securityfocus.com/bid/90872
Cisco Security Advisory: 20160525 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6
http://www.securitytracker.com/id/1035962
http://www.securitytracker.com/id/1035963
http://www.securitytracker.com/id/1035964
http://www.securitytracker.com/id/1035965
http://www.securitytracker.com/id/1036651

Copyright This script is Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.105745
Kategorie:	CISCO
Titel:	Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
Zusammenfassung:	A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software,; Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated,; remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of; service (DoS) condition on the device.;; The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent; to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6; Neighbor Discovery packets to an affected device for processing. A successful exploit could allow; the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on; the device.;; Cisco will release software updates that address this vulnerability. There are no workarounds that; address this vulnerability.
Beschreibung:	Summary: A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1409 BugTraq ID: 90872 http://www.securityfocus.com/bid/90872 Cisco Security Advisory: 20160525 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 http://www.securitytracker.com/id/1035962 http://www.securitytracker.com/id/1035963 http://www.securitytracker.com/id/1035964 http://www.securitytracker.com/id/1035965 http://www.securitytracker.com/id/1036651
Copyright	This script is Copyright (C) 2016 Greenbone Networks GmbH