SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cisco Prime Network Analysis Module Vendors:   Cisco
Cisco Prime Network Analysis Module IPv6 Packet Decoding Bug Lets Remote Users Cause Denial of Service Conditions
SecurityTracker Alert ID:  1036016
SecurityTracker URL:  http://securitytracker.com/id/1036016
CVE Reference:   CVE-2016-1370   (Links to External Site)
Date:  Jun 1 2016
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Prime Network Analysis Module. A remote user can cause the target monitoring service to crash.

A remote user can send a specially crafted IPv6 packet to trigger a flaw in the IPv6 payload length calculation in the IPv6 packet decode function and cause the target 'mond' process to crash and fail to collect and monitor traffic until restarted.

The vendor has assigned bug ID CSCuy37324 to this vulnerability.

Impact:   A remote user can cause the target 'mond' process to crash and fail to monitor traffic until restarted.
Solution:   The vendor has issued a fix (6.2(1-b)).

The vendor's advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC