You are here
Home > Preporuke > Sigurnosni nedostatak fpsnort komponente

Sigurnosni nedostatak fpsnort komponente

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: O
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Firepower Detection Engine Pragmatic General Multicast Protocol Decoding Denial of Service Vulnerability

Advisory ID: cisco-sa-20170419-fpsnort

Revision: 1.0

For Public Release: 2017 April 19 16:00 GMT

Last Updated: 2017 April 19 16:00 GMT

CVE ID(s): CVE-2016-6368

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting.

The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort”]

—–BEGIN PGP SIGNATURE—–

iQKBBAEBAgBrBQJY94y8ZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHlAjhAA0O9xAPu90t6MBSz2
9iT7Te4JvTN3Q0HutNiI/VmZu/ya/G1Wn+7FiwfEyrCAw1yQ2NrEFpNkehWhXqFg
k3ANtAtAJGl2xjwF4oJ3QtusW+fzNL5nJ8iW+HZ5RbOABqDWDwmRHR6rkKnp/sym
HSJ6gVtsbftXpYobjU1rjNsjTELTcOigsPQe23sEluHtGXEfY1BvtHJNhMrd6Dc3
hGEl2sKeZFBcCj+CbsuftvwvnQksV8iiNwRkx//7KN7bRldDak1ZM3Ecp3xC4jsE
/Dy0QXbn3PwJkK10G6I3qjf0A0CI3X6GeaCaUOALMWE3n27ae333UKAgHr/CcllU
mJFV+pA2+PrVQItOSTDuJOg9wmNXwe1WWJUMaJ4oDfZa1wcSPrF9D615eZA0JFL6
ZHlfXwENm5TrL/bs7sxjYGB//57/NUh2+z3GBP4ophpbQZ0Fw1ZHMyqmi9P+Z/GK
wc3YK/YrMGs7BlshpJUZF1yJMmGk30cmoNRYEINr4kTTmMs70S7Xw1kVyyWzteuU
JBhRdU+0MJUgI7on3tJao7ymrME+AvmGz6PgDBzI/talNpckjb+Mr+kjdz3fhWhz
AxoucSIacjoLl5JUQSRdFvzC8qWhzRd2CpHqNp9rRkd54UksM2a4pVNY5aRJq6/x
QgLmvKOVeWKN6Qo0tnvijnLf+rQ=
=Ff/9
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-04-0100-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci Live Patching servisa

Izdana je nadogradnja za Live Patching servis za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim lokalnim napadačima omogućuju stjecanje uvećanih ovlasti,...

Close