Computer Security
[EN] securityvulns.ru no-pyccku


Cisco IOS XR multiple security vulnerabilities
Published:26.05.2011
Source:
SecurityVulns ID:11692
Type:remote
Threat Level:
7/10
Description:DoS on IP packets parsing (including routed ones), DoS against SSH, DoS against SPA.
Affected:CISCO : IOS XR 3.6
 CISCO : IOS XR 3.8
 CISCO : IOS XR 3.9
 CISCO : IOS XR 4.0
 CISCO : IOS XR 4.1
CVE:CVE-2011-1651 (Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.)
 CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.)
 CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability (26.05.2011)
 documentCISCO, Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability (26.05.2011)
 documentCISCO, Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability (26.05.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod