Cisco Fixes Mulitple DoS Issues

Monday, March 30, 2015 @ 10:03 AM gHale


Cisco released security updates to fix 16 vulnerabilities affecting Cisco IOS and IOS XE software.

Cisco IOS is an operating system that runs on most Cisco routers and current switches, and functionality for routing, switching, internetworking and telecommunications.

RELATED STORIES
Cisco IPv6 Processing Vulnerability
Risk with Custom VPN Portals
Complex Security Should be Easy
SAS: Security for Accelerator

Cisco detailed the patched vulnerabilities in seven advisories. The flaws affect components such as Autonomic Network Infrastructure (ANI), Common Industrial Protocol (CIP), multicast Domain Name System (mDNS), TCP, Virtual Routing and Forwarding (VRF), Internet Key Exchange version 2 (IKEv2), and Cisco IOS XE software.

The ANI intelligent automatic device management feature has three denial-of-service (DoS) vulnerabilities related to Autonomic Networking Registration Authority spoofing (CVE-2015-0635), Autonomic Networking (AN) node spoofing using crafted AN messages (CVE-2015-0636), and targeted device reloading using specially crafted AN messages (CVE-2015-0637).

The vulnerabilities, which affect Cisco IOS and IOS XE software, can end up exploited by a remote, unauthenticated attacker to trigger a DoS condition on the targeted system, Cisco said in an advisory.

An attacker can also cause a DoS condition (CVE-2015-0638) on routers and switches configured to perform virtual routing and forwarding (VRF).

“The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device,” Cisco said in an advisory. “When the ICMPv4 messages are processed, the packet queue of the affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged interface.”

Another issue with Cisco IOS and IOS XE ends up caused by improper handling of certain packet sequences used in establishing a TCP three-way handshake (CVE-2015-0646). An attacker could cause a memory leak and reload affected devices. Repeated exploitation attempts can lead to a sustained DoS condition, Cisco said.

An attacker can also cause a DoS condition on devices running IOS and IOS XE software by sending malformed IPv4 and IPv6 packets on UDP port 5353. The bug ends up caused by improper validation of multicast DNS (mDNS) packets by the mDNS gateway function (CVE-2015-0650).

Vulnerabilities in the Internet Key Exchange (IKE) version 2 protocol, used in the IP Security protocol suite to negotiate cryptographic attributes, can end up exploited to trigger a DoS condition due to the way certain malformed IKEv2 packets are processed (CVE-2015-0642, CVE-2015-0643).

Cisco 1000 series Aggregation Services Routers (ASR), Cisco 4400 series Integrated Services Routers (ISR), and Cisco 1000v series Cloud Services Routers (CSR) running Cisco IOS XE have four DoS and one remote code execution vulnerability.

Attackers can exploit three vulnerabilities for DoS attacks in the Cisco IOS software implementation of the Common Industrial Protocol (CIP) feature.

Cisco said there is no evidence supporting any of these vulnerabilities is suffering from an ongoing attack.

Users that want to determine which updates they must apply in order to fix security issues can use the Cisco IOS Software Checker. The tool does not support Cisco IOS XE software.



Leave a Reply

You must be logged in to post a comment.