You are here
Home > Preporuke > Ranjivosti Cisco IOS, IOS XE i IOS XR softvera

Ranjivosti Cisco IOS, IOS XE i IOS XR softvera

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities

Advisory ID: cisco-sa-20180328-lldp

Revision: 1.0

For Public Release: 2018 March 28 16:00 GMT

Last Updated: 2018 March 28 16:00 GMT

CVE ID(s): CVE-2018-0167, CVE-2018-0175

CVSS Score v(3): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

+———————————————————————

Summary
=======
Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.

For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp”]

This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-66682”].

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJau71JXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfcz/DMP/2VZQVHixXrb/QabAPFE9NVmcqhm
HsrtThk2KZSTKGzypSgXqlx2ZBDpwAlskoiBrL4/lawWalkJurENRxV6iNtHj77K
kDObiOaeptlZI3Y8Q81mF0XRHhe1w/npK18SIUCztICkntmsmkfUNe8g4e4oYWco
UAk2AL4zmVWnN5U/vsXFg6WHCUphU1jtntKWj/nZnC+WZcCXCzOgf3UumKdpHXMF
ZGoK9fmp0QGBmP3Z1seXZpdy9Trykv5Mo8B9dRub4QAiu1zS+6SFkEcCtzdHUz2m
hwrpCUuDbYEIWa4PmIcQVAyH7GwAF6qkjnbOu3t7taOfjAg2B8KuLIinBcgFeCr0
HRQAe2emh5bG9Uq772DMoFkk8Z5dkh+226JkrX+BdM0nWDfi/0WxaaLIol5qpj40
HtoULsIi1HdUR5LJ8ez9CrxxHlVhZfskJJOQmc0Bu9FmWq5p4d8I/sd8DHQUlZEM
A9DY3MfWRD9KiR4FBNUnzklMLAYmPemY2lJ7eDw29/ohRNx73sRs5GHW/PjXkzjW
0LX/tz6J7QWAiF7lVqQffOLvKThh1EcPyRMqGhkcGVdUyI/2jH4wGyYhu0sRegtD
8rF1OZRfAtY1RwNhNc4w/hHReCbX9CwdzFa/alOox2YGpZqMLkaCv+yT0IMUI/wm
/g/UFE0+dZ9+gEhV
=0nRy
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorVlatka Misic
Cert idNCERT-REF-2018-03-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Ranjivost Cisco IOS i IOS XE softvera

Otkrivena je ranjivost u DHCP option 82 enkapsulacijskoj funkcionalnosti za Cisco IOS i IOS XE softver. Ranjivost je posljedica nepotpune...

Close