SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Device (Router/Bridge/Hub)  >   Cisco IOS Vendors:   Cisco
Cisco IOS/IOS XE Buffer Overflow in Processing Smart Install Packets Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1040580
SecurityTracker URL:  http://securitytracker.com/id/1040580
CVE Reference:   CVE-2018-0171   (Links to External Site)
Updated:  Apr 10 2018
Original Entry Date:  Mar 28 2018
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco IOS and IOS XE. A remote user can execute arbitrary code on the target system.

A remote user can send a specially crafted Smart Install message to TCP port 4786 to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target service.

Systems that have the Smart Install client feature enabled are affected.

The vendor has assigned bug IDs CSCvd36820 and CSCvg76186 to this vulnerability.

[Editor's note: On April 9, 2018, the vendor clarified that this vulnerability is not being actively exploited. However, the vendor also reported that a general "protocol misuse issue" in the Cisco Smart Install Client is being actively exploited on systems that have the feature enabled, not specific to any individual vulnerability in the Smart Install feature.]

George Nosenko (via GeekPwn) reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

[Editor's note: On April 9, 2018, the vendor advised that action is required to secure the Smart Install feature and issued an additional informational advisory, available at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180409-smi]

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 (Links to External Site)
Cause:   Boundary error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC