Cisco IOS/IOS XE/IOS XR Link Layer Discovery Protocol Bugs Let Remote Users on the Local Network Gain Elevated Privileges
|
SecurityTracker Alert ID: 1040586 |
SecurityTracker URL: http://securitytracker.com/id/1040586
|
CVE Reference:
CVE-2018-0167, CVE-2018-0175
|
Date: Mar 28 2018
|
Impact:
User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Description:
Two vulnerabilities were reported in Cisco IOS, IOS XE, and IOS XR. A remote user can gain elevated privileges.
A remote authenticated user on the local network can send a specially crafted Link Layer Discovery Protocol (LLDP) protocol data unit (PDU) to trigger a buffer overflow and execute arbitrary code with elevated privileges on the target system [CVE-2018-0167].
A remote authenticated user on the local network can send a specially crafted LLDP PDU that, when a local user executes a specific show command via the command line interface, will trigger a format string error and execute arbitrary code with elevated privileges on the target system [CVE-2018-0175].
The vendor has assigned bug IDs CSCuo17183, CSCvd73487, and CSCvd73664 to these vulnerabilities.
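The two defect classes described above (an unchecked length in a received LLDP PDU, and neighbor-supplied text reaching a display routine as a format string) are shown below in hardened form. This is an added example, not Cisco code and not from the advisory; the alert does not say which TLV or code path is affected, so the System Name TLV, the function names and the sample bytes are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define LLDP_TLV_END      0
#define LLDP_TLV_SYS_NAME 5   /* IEEE 802.1AB System Name TLV */

/* Constructed sample LLDPDU body (bytes after the Ethernet header). */
static const uint8_t SAMPLE_PDU[] = {
    0x02, 0x07, 0x04, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, /* Chassis ID */
    0x04, 0x04, 0x05, 'g', 'e', '1',                      /* Port ID */
    0x06, 0x02, 0x00, 0x78,                               /* TTL 120 s */
    0x0a, 0x08, 's', 'w', '1', '-', '%', 'n', '%', 's',   /* System Name */
    0x00, 0x00                                            /* End of LLDPDU */
};

/* Hypothetical helper: copy System Name into out; -1 if malformed or absent. */
int lldp_get_sys_name(const uint8_t *pdu, size_t len, char *out, size_t outsz)
{
    size_t off = 0;
    while (len - off >= 2) {                  /* room for a 2-byte TLV header */
        unsigned type = pdu[off] >> 1;        /* 7-bit type */
        size_t tlen = ((size_t)(pdu[off] & 1) << 8) | pdu[off + 1]; /* 9-bit length */
        off += 2;
        if (tlen > len - off) return -1;      /* declared length overruns the PDU */
        if (type == LLDP_TLV_END) break;
        if (type == LLDP_TLV_SYS_NAME) {
            if (tlen >= outsz) return -1;     /* would not fit with the NUL */
            for (size_t i = 0; i < tlen; i++) /* keep printable ASCII only */
                out[i] = (pdu[off + i] >= 0x20 && pdu[off + i] < 0x7f) ? (char)pdu[off + i] : '?';
            out[tlen] = '\0';
            return 0;
        }
        off += tlen;
    }
    return -1;
}

/* Hypothetical "show"-style renderer: neighbor text is an argument, never the format. */
int render_neighbor(char *line, size_t n, const char *sys_name)
{
    return snprintf(line, n, "System Name: %s", sys_name);
}

int main(void)
{
    char name[64], line[96];
    if (lldp_get_sys_name(SAMPLE_PDU, sizeof SAMPLE_PDU, name, sizeof name) == 0 &&
        render_neighbor(line, sizeof line, name) > 0)
        puts(line);
    return 0;
}
```

The constructed System Name contains conversion specifiers on purpose: with a constant format string they are rendered literally as text.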
|
Impact:
A remote user on the local network can gain elevated privileges on the target system.
|
Solution:
The vendor has issued a fix.
The vendor advisory is available at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp
|
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp
|
Cause:
Boundary error, Input validation error, State error
|
Message History:
None.
|
Source Message Contents
|
Subject: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp