Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26301
HistoryMay 04, 2011 - 12:00 a.m.

Cisco IOS SNMP Message Processing Denial Of Service Vulnerability

2011-05-0400:00:00
vulners.com
158
JSON

Cisco IOS SNMP Message Processing Denial Of Service Vulnerability

I. Summary

Cisco Internetwork Operating System (IOS) 15.0 attempts to process SNMP solicited operations
on improper ports (UDP 161,162), which allows remote attackers to cause a denial of service
when SNMP is disabled.

II. Description

It has been reported that the Cisco Internet Operating System (IOS) is affected by a remote
SNMP message processing denial of service vulnerability. This issue may be leveraged to cause a
denial of service condition in the affected device. The denial of service is due to the process
consumed all available CPU resources in the affected device.The device may have to be reset
manually if the attack is successful.

III. Impact

Denial of service (process consume all available CPU resources)

IV. Affected

Cisco router 2921/K9 IOS 15.0<1r>M6, tested with kubuntu 10.10. Previous versions may also be
affected due to code reuse.

V. Solution

Currently there are not any vendor-supplied patches for this issue.

VI. Credit

The penetration test team Of NCNIPC (China) is credited for this vulnerability.

JSON