SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco ASR Router Vendors:   Cisco
Cisco ASR 9000 Series Router LPTS Flow Handling Flaw Lets Remote Users Consume Excessive Resources on the Target System
SecurityTracker Alert ID:  1035934
SecurityTracker URL:  http://securitytracker.com/id/1035934
CVE Reference:   CVE-2016-1407   (Links to External Site)
Date:  May 20 2016
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9000 Series; Release 5.3.1
Description:   A vulnerability was reported in Cisco ASR 9000 Series Router. A remote user can consume excessive resources on the target system.

A remote user can send a large number of TCP connection requests to trigger a flaw in the handling of flow based entries by the target Local Packet Transport Services (LPTS) network stack and cause existing or new sessions to be dropped.

The vendor has assigned bug ID CSCux95576 to this vulnerability.

Impact:   A remote user can cause existing or new sessions on the target system to be dropped.
Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr (Links to External Site)
Cause:   Resource error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC