Home Unlabelled Cisco ASR 5000 and ASR 5500 TACACS Denial of Service Vulnerability

Cisco ASR 5000 and ASR 5500 TACACS Denial of Service Vulnerability

By
Monday, October 12, 2015
Read
Add Comment
A vulnerability in the TACACS protocol implementation of the Cisco Aggregation Services Router (ASR) 5000 and ASR 5500 (ASR5K) System Software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the vpnmgr process restarts.
 
The vulnerability is due to improper input validation of the TACACS packet header. An attacker could exploit this vulnerability by sending a crafted TACACS packet to the device. An exploit could allow the attacker to cause a partial DoS condition because the vpnmgr process could restart when parsing the crafted TACACS packet.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:
http://ift.tt/1L8o4bj

from Cisco Security Advisory http://ift.tt/1L8o4bj
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us