Wednesday, January 18, 2017

Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of Service Vulnerability

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an authenticated, remote attacker to cause the ipsecmgr process to reload.

The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed IKE packets to the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://ift.tt/2iBtxlP A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an authenticated, remote attacker to cause the ipsecmgr process to reload.

The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed IKE packets to the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://ift.tt/2iBtxlP
Security Impact Rating: Medium
CVE: CVE-2016-9216

from Cisco Security Advisory http://ift.tt/2iBtxlP
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)