Home Unlabelled Cisco IOS Software RADIUS Client Denial of Service Vulnerability

Cisco IOS Software RADIUS Client Denial of Service Vulnerability

By
Monday, October 05, 2015
Read
Add Comment
A vulnerability in the RADIUS client feature of Cisco IOS Software could allow an authenticated, remote attacker to cause a reload of the affected device.

The vulnerability is due to improper parsing of malformed RADIUS packets returned by a RADIUS server. An attacker could exploit this vulnerability by configuring a RADIUS server with a shared RADIUS secret and returning malformed answers back to a RADIUS client on an affected Cisco device. An exploit could allow the attacker to cause a reload of the affected device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:
http://ift.tt/1Mbwk8a

from Cisco Security Advisory http://ift.tt/1Mbwk8a
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us