You are here
Home > Preporuke > Ranjivost Cisco ASR 900 serije usmjerivača

Ranjivost Cisco ASR 900 serije usmjerivača

  • Detalji os-a: WN7
  • Važnost: URG
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20161102-tl1

Revision: 1.0

For Public Release 2016 November 2 16:00 UTC (GMT)

+———————————————————————

Summary
=======

A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR
900 Series routers could allow an unauthenticated, remote attacker to
cause a reload of, or remotely execute code on, the affected system.

The vulnerability exists because the affected software performs
incomplete bounds checks on input data. An attacker could exploit
this vulnerability by sending a malicious request to the TL1 port,
which could cause the device to reload. An exploit could allow the
attacker to execute arbitrary code and obtain full control of the
system or cause a reload of the affected system.

Cisco has released software updates that address this vulnerability.
There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tl1

—–BEGIN PGP SIGNATURE—–

iQIVAwUBWBlmqq89gD3EAJB5AQIECBAAg/G8Bb3ELSIv8KeppZZNvnNuZu5+JXSS
TzFdDS2jpr9gC93a2+lkuSzQd4JGRf52u2LGrGSlAE8nf9KQOootz297+N55211t
huxuaE04Xn+Wnqi+HMhAN7i/fAqPXvy1MGdwuDs2j7SjuoKXOBpIjyPVbAflI8zx
jX6TTV/qBH8FYhozONXSAtxC5l3KT2IkCyu8Wt+fsCmQgnWEBR5lnKVmWOyX7+sm
+/H2mvrd+C8qJnNmIvizDIMSIMRLZXCRodyTGYcQqmO9Swaiu5ucIHcPe6oVSJvh
68SmLD0W2YAxuXkgX7Pr+hJh4/oN22jRNJkrYWO6Niy9mNEyJljp3eGWKMpbKXK7
Qe3DHZ5ILjLD7hzoUTZYIBhHkQvmJbAbXMuuIrGDxKnIqS/1G5q2nCoC99Qb66IA
+mOoY/eehJUOFyyfX56NtQuXA5NLrseHWVyGtecLzB55nxqQ+bpvdkYDjV/7fUPc
M+jgtTO1AhNkqT36Sqr8x0R152L+j6LxBbhT7DGPWjywmleHBGjqRSqC6nfRV8oz
joTb5MScXvUqM/oyAO5F60A0eHjY2Y32B/ABe+GfHqtnFFiyUdofWgtpH6QPETbO
QTg5inydNDrqppAA+T5JG3LZJpSn7PuIJ60HWFSirmgAgpHXhe7yCi2+X+6y9Fp/
S0Sdoo9MXGA=
=leRx
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorTomislav Protega
Cert idNCERT-REF-2016-11-0055-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa resteasy-base

Otkriven je sigurnosni nedostatak u programskom paketu resteasy-base za operacijski sustav Red Hat. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog...

Close