Cisco IOS and IOS XE Bug in IKE State Machine Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1034505 |
SecurityTracker URL: http://securitytracker.com/id/1034505
|
CVE Reference:
CVE-2015-6429
(Links to External Site)
|
Date: Dec 18 2015
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in Cisco IOS and IOS XE. A remote user can cause denial of service conditions on the target system.
A remote user can send a specially crafted spoofed Internet Key Exchange (IKEv1) packet to the endpoint of the target IPsec tunnel to cause the tunnel to be torn down.
The vendor has assigned bug ID CSCuw08236 to this vulnerability.
|
Impact:
A remote user can cause the target IPsec tunnel to be torn down.
|
Solution:
The vendor has issued a fix (15.5(2)S2 (3.15.2S), 15.5(2)T2, 15.5(3)M1, 15.5(3)S1 (3.16.1S), 15.6(1)S (3.17.1S), 15.6(1)T).
The vendor's advisory is available at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios
|
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios (Links to External Site)
|
Cause:
State error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|