Cisco Patches DoS Holes

Tuesday, March 29, 2016 @ 10:03 AM gHale


Cisco issued updates for its IOS and IOS XE networking software that patches denial-of-service (DoS) vulnerabilities identified by the vendor’s own employees and external researchers.

Cisco published six advisories detailing the flaws, all of which have been rated as having high severity.

RELATED STORIES
USB Trojan Leaves No Trace
New Way to Hack iCloud Account
Abandoned App Details in Open
Samsung Mitigates Update Tool

One of the vulnerabilities relates to the improper handling of malformed Session Initiation Protocol (SIP) messages in Cisco IOS, IOS XE and Unified Communications Manager (UCM) software, Cisco officials said. A remote, unauthenticated attacker can exploit the security hole to cause a memory leak, which eventually leads to the affected device reloading.

Another DoS vulnerability affects the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE, officials said. An unauthenticated attacker can exploit this bug to remotely cause an affected device to reload by sending it specially crafted DHCPv6 relay messages.

IOS and IOS XE software also suffers from a DoS vulnerability that affects its Smart Install client feature. An attacker can remotely cause a device to enter a DoS condition by sending malicious Smart Install packets to TCP port 4786.

A remote attacker can cause Cisco Catalyst 6500 and 6800 series switches running IOS, and Cisco Nexus 7000 and 7700 series switches running NX-OS to reload by exploiting a vulnerability in the Locator/ID Separation Protocol (LISP).

A hole is in the Wide Area Application Services (WAAS) Express feature of IOS. A specially crafted TCP segment routed through an affected device causes it to enter a DoS condition, Cisco said. This vulnerability can end up exploited remotely by an unauthenticated hacker.

There is a DoS flaw in the Internet Key Exchange (IKE) version 2 fragmentation code of IOS and IOS XE. The vulnerability can end up exploited by sending a specially crafted UDP packet to the affected system.

Cisco said it is not aware of any instances where these vulnerabilities have been exploited for malicious purposes.

The six security advisories published are part of the company’s semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Another bundle of IOS advisories will release in the fourth Wednesday of September.