Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Router/Bridge/Hub)  >   Cisco Catalyst Switch Vendors:   Cisco
Cisco Catalyst 4500 and 4500-X Series Switches Bidirectional Forwarding Detection Error Handling Bug Lets Remote Users Cause the Target 'iosd' Service to Crash
SecurityTracker Alert ID:  1040587
SecurityTracker URL:
CVE Reference:   CVE-2018-0155   (Links to External Site)
Date:  Mar 28 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4500 and 4500-X Series
Description:   A vulnerability was reported in Cisco Catalyst Switch. A remote user can cause the target service to crash.

A remote user can send a specially crafted Bidirectional Forwarding Detection (BFD) packet to or through the target device to trigger an error handling flaw and cause the target 'iosd' process to crash and the system to reload.

The following models are affected when the BFD feature is enabled:

Catalyst 4500 Supervisor Engine 6-E (K5)
Catalyst 4500 Supervisor Engine 6L-E (K10)
Catalyst 4500 Supervisor Engine 7-E (K10)
Catalyst 4500 Supervisor Engine 7L-E (K10)
Catalyst 4500E Supervisor Engine 8-E (K10)
Catalyst 4500E Supervisor Engine 8L-E (K10)
Catalyst 4500E Supervisor Engine 9-E (K10)
Catalyst 4500-X Series Switches (K10)
Catalyst 4900M Switch (K5)
Catalyst 4948E Ethernet Switch (K5)

The vendor has assigned bug ID CSCvc40729 to this vulnerability.

Impact:   A remote user can cause the target service to crash.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Exception handling error

Message History:   None.

 Source Message Contents



Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC