Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco IOS XR
Опубликовано:26 мая 2011 г.
Источник:
SecurityVulns ID:11692
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS при разборе IP (в т.ч. проходящих пакетов), DoS через SSH, DoS против SPA.
Затронутые продукты:CISCO : IOS XR 3.6
 CISCO : IOS XR 3.8
 CISCO : IOS XR 3.9
 CISCO : IOS XR 4.0
 CISCO : IOS XR 4.1
CVE:CVE-2011-1651 (Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.)
 CVE-2011-0949 (Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.)
 CVE-2011-0943 (Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability (26.05.2011)
 documentCISCO, Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability (26.05.2011)
 documentCISCO, Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability (26.05.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород