Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Router/Bridge/Hub)  >   Cisco IOS Vendors:   Cisco
Cisco IOS/IOS XE Multiple Flaws Let Remote Users Cause the Target System to Reload
SecurityTracker Alert ID:  1036914
SecurityTracker URL:
CVE Reference:   CVE-2016-6378, CVE-2016-6379, CVE-2016-6380, CVE-2016-6381, CVE-2016-6382, CVE-2016-6384, CVE-2016-6385, CVE-2016-6386, CVE-2016-6391, CVE-2016-6392, CVE-2016-6393   (Links to External Site)
Date:  Sep 28 2016
Impact:   Denial of service via network, Disclosure of system information, Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Cisco IOS and IOS XE. A remote user can cause the target system to reload.

A remote user can send specially crafted data cause the target system or service to reload.

IP Detail Record (IPDR) processing is affected on the following platforms [CVE-2016-6379]:

Cisco cBR Series Converged Broadband Routers
Cisco uBR7200 Series Universal Broadband Routers
Cisco uBR7225VXR Universal Broadband Routers
Cisco uBR10000 Series Universal Broadband Routers

IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message processing from a configured MSDP peer is affected [CVE-2016-6392].

IPv6 Protocol Independent Multicast (PIM) register message packets received by a PIM rendezvous point (RP) are affected [CVE-2016-6382].

IPv4 fragment reassembly processing for packets sent to the target device is affected [CVE-2016-6386].

Authentication, Authorization, and Accounting (AAA) authentication error log message processing (for attempts via remote Secure Shell Host (SSH) connections to the target device) is affected [CVE-2016-6393].

H.323 message processing is affected [CVE-2016-6384].

The processing of fragmented Internet Key Exchange version 1 (IKEv1) UDP packets directed to the target system via IPv4 or IPv6 is affected [CVE-2016-6381]. This vulnerability can also be exploited to consume all available memory on the target system.

The processing of Common Industrial Protocol (CIP) message requests is affected [CVE-2016-6391]. A restart is required to return the system to normal operation.

The processing of specially crafted ICMP packets that require Network Address Translation (NAT) is affected [CVE-2016-6378].

The processing of Smart Install packets received on TCP port 4786 on a Cisco Catalyst switch can trigger a memory leak and eventual device reload [CVE-2016-6385].

A remote user can intercept a DNS query forwarded from the target device and return a specially crafted DNS response message to the target device to view portions of process memory, corrupt information in the local DNS cache, or cause the target device to reload [CVE-2016-6380].

A Cisco partner reported one vulnerability.

Impact:   A remote user can cause the target system or service to reload.

A remote user view portions of process memory.

A remote user can corrupt information in the local DNS cache.

Solution:   The vendor has issued a fix.

The vendor advisories are available at:

Vendor URL: (Links to External Site)
Cause:   Access control error, Input validation error, Resource error, State error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, LLC