Miembros de
Boletines de Vulnerabilidades |
Cisco IOS Software Metadata Vulnerabilities |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device.The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition.Cisco has More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20Software%20Metadata%20Vulnerabilities&vs_k=1 |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-3356 and CVE-2014-3355. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-10-14 |