Vulnerability Bulletins |
Denegación de servicio en el procesado de OSPF en Cisco IOS |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Denegación de Servicio |
| Dificulty | Avanzado |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Networking |
| Affected software |
Cisco IOS 12.0.S >= 12.0(22)S Cisco IOS 12.0.SX >= 12.0(23)SX Cisco IOS 12.0.SY >= 12.0(22)SY Cisco IOS 12.0.SZ >= 12.0(23)SZ Cisco IOS 12.2.B >= 12.2(15)B Cisco IOS 12.2.BC >= 12.2(15)BC Cisco IOS 12.2.BX >= 12.2(15)BX Cisco IOS 12.2.BZ >= 12.2(15)BZ Cisco IOS 12.2.CX >= 12.2(15)CX Cisco IOS 12.2.EW >= 12.2(18)EW Cisco IOS 12.2.MC >= 12.2(15)MC1 Cisco IOS 12.2.S >= 12.2(18)S Cisco IOS 12.2.SE >= 12.2(18)SE Cisco IOS 12.2.SV >= 12.2(18)SV Cisco IOS 12.2.SW >= 12.2(18)SW Cisco IOS 12.2.SZ >= 12.2(14)SZ Cisco IOS 12.2.T >= 12.2(15)T Cisco IOS 12.2.YU >= 12.2(11)YU Cisco IOS 12.2.YV >= 12.2(11)YV Cisco IOS 12.2.ZD >= 12.2(13)ZD Cisco IOS 12.2.ZE >= 12.2(13)ZE Cisco IOS 12.2.ZF >= 12.2(13)ZF Cisco IOS 12.2.ZG >= 12.2(13)ZG Cisco IOS 12.2.ZH >= 12.2(13)ZH Cisco IOS 12.2.ZJ >= 12.2(15)ZJ Cisco IOS 12.2.ZK >= 12.2(15)ZK Cisco IOS 12.2.ZL >= 12.2(15)ZL Cisco IOS 12.2.ZN >= 12.2(15)ZN Cisco IOS 12.2.ZO >= 12.2(15)ZO Cisco IOS 12.3 Cisco IOS 12.3.B Cisco IOS 12.3.BW Cisco IOS 12.3.T Cisco IOS 12.3.XA Cisco IOS 12.3.XB Cisco IOS 12.3.XC Cisco IOS 12.3.XE |
Description |
|
|
Existe una vulnerabilidad al procesar paquetes OSPF que puede conllevar un parada y reinicio del sistema. Para llevar a cabo el ataque son necesarios parámetros tales como el número de área de OSPF, máscara y los valores de hello y dead configurados en la interfaz afectada. OSPF es un protocolo de enrutamiento definido en el RFC 2328 y su objetivo es la administración de rutas IP en sistemas autonomos (AS). |
|
Solution |
|
|
Actualización de software Cisco IOS Siga las instrucciones facilitadas por Cisco http://www.cisco.com/en/US/products/products_security_advisory09186a008029e189.shtml |
|
Standar resources |
|
| Property | Value |
| CVE | |
| BID | |
Other resources |
|
|
Cisco Security Advisory 61365 http://www.cisco.com/en/US/products/products_security_advisory09186a008029e189.shtml |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2004-08-19 |