SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Device (Router/Bridge/Hub)  >   Cisco IOS Vendors:   Cisco
Cisco IOS Multiple Bugs Let Remote Users Bypass Security Controls, Obtain Potentially Sensitive Information, and Deny Service
SecurityTracker Alert ID:  1027005
SecurityTracker URL:  http://securitytracker.com/id/1027005
CVE Reference:   CVE-2011-2578, CVE-2011-2586, CVE-2011-3289, CVE-2011-3295, CVE-2011-4007, CVE-2011-4012, CVE-2011-4015, CVE-2011-4016, CVE-2012-0338, CVE-2012-0339, CVE-2012-0362   (Links to External Site)
Date:  May 2 2012
Impact:   Denial of service via network, Disclosure of system information, Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Cisco IOS. A remote user can cause denial of service conditions. A remote user can bypass security controls. A remote user can obtain potentially sensitive information. A physically local user can read the start-up configuration.

A remote user can send specially crafted SIP packets on a NAT interface to consume excessive CPU resources [CVE-2011-2578]. Cisco has assigned Bug ID CSCts12366 to this vulnerability. Cisco IOS 15.1 and 15.2 are affected.

A remote user can return a specially crafted HTTP response to trigger a flaw in the HTTP client and cause the target device to crash [CVE-2011-2586]. Cisco has assigned Bug ID CSCts12249 to this vulnerability. Cisco IOS 12.4 and 15.0 are affected.

A physically local user can bypass the No Service Password-Recovery feature and read the start-up configuration [CVE-2011-3289]. Cisco has assigned Bug ID CSCtr97640 to this vulnerability. Cisco IOS 12.4 and 15.0 through 15.2 are affected.

A remote user can send specially crafted network traffic to trigger a flaw in the NETIO and IPV4_IO processes and cause excessive CPU consumption on the target device [CVE-2011-3295]. Cisco has assigned Bug ID CSCti59888 to this vulnerability. Cisco IOS XR 3.8 through 4.1 is affected.

A remote user can send specially crafted traffic to trigger a flaw in the "set mpls experimental imposition" command and cause the target device to crash [CVE-2011-4007]. Cisco has assigned Bug ID CSCtr56576 to this vulnerability. Cisco IOS 15.0 and 15.1 and IOS XE 3.x are affected.

A remote user can send specially crafted data to trigger an ICMPv6 ACL bug with unspecified impact [CVE-2011-4012]. Cisco has assigned Bug ID Bug ID CSCtj90091 to this vulnerability. Cisco IOS 12.0, 15.0, and 15.1 are affected. Systems using a Policy Feature Card 3C (PFC3C) are affected.

A remote user can send specially crafted UDP traffic to UDP port 465 to cause an interface queue wedge [CVE-2011-4015]. Cisco has assigned Bug ID CSCts48300 to this vulnerability. Cisco IOS 15.2S is affected.

A remote user can send specially crafted network traffic to trigger a flaw in the PPP implementation and cause the target device to crash [CVE-2011-4016]. Cisco has assigned Bug ID CSCtf71673 to this vulnerability. Cisco IOS 12.2 and 15.0 through 15.2 are affected. Systems using Point-to-Point Termination and Aggregation (PTA) and L2TP are affected.

The device does not properly process the vrf-also keyword during enforcement of access-class commands [CVE-2012-0338]. A remote user can establish a SSH connection from arbitrary IP addresses. Cisco has assigned Cisco Bug ID CSCsv86113 to this vulnerability. Cisco IOS 12.2 through 12.4 and 15.0 are affected.

The device does not properly process the vrf-also keyword during enforcement of access-class commands [CVE-2012-0339]. A remote user can establish a Telnet connection from arbitrary IP addresses. Cisco has assigned Cisco Bug ID CSCsi77774 to this vulnerability. Cisco IOS 12.2 through 12.4 and 15.0 are affected.

The ACL function does not properly process lines that end with a log or time keyword [CVE-2012-0362]. A remote user can send specially crafted network traffic to bypass access control list (ACL) restrictions in certain cases. Cisco has assigned Bug ID CSCts01106 to this vulnerability. Cisco IOS 12.2(58)SE2 and 15.0(1)SE are affected.

Impact:   A remote user can cause the target device to crash.

A remote user can consume excessive CPU resources on the target system.

A remote user can bypass security controls.

A remote user can connect via Telnet and SSH from arbitrary IP addresses.

A remote user can obtain potentially sensitive information.

A physically local user can read the start-up configuration.

Solution:   The vendor has issued fixes.

The vendor's advisories are available at:

http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-4MCAVS.html
http://tools.cisco.com/security/center/viewAlert.x?alertId=24436
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/release/notes/caveats_SXF_rebuilds.html
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXH_rebuilds.html
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html
http://www-europe.cisco.com/cisco/software/release.html?mdfid=279879106&reltype=all&relind=AVAILABLE&release=3.9.2&softwareid=280867577&sortparam=7
http://www.cisco.com/en/US/docs/ios/ios_xe/3/release/notes/asr1k_caveats_33s.html
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html
http://www.cisco.com/en/US/docs/ios/15_2s/release/notes/15_2s_caveats_15_2_2s.html

Vendor URL:  www.cisco.com/ (Links to External Site)
Cause:   Not specified
Underlying OS:  

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC