SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco Catalyst Switch Vendors:   Cisco
Cisco Catalyst 4500 and 4500-X Series Switches Bidirectional Forwarding Detection Error Handling Bug Lets Remote Users Cause the Target 'iosd' Service to Crash
SecurityTracker Alert ID:  1040587
SecurityTracker URL:  http://securitytracker.com/id/1040587
CVE Reference:   CVE-2018-0155   (Links to External Site)
Date:  Mar 28 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4500 and 4500-X Series
Description:   A vulnerability was reported in Cisco Catalyst Switch. A remote user can cause the target service to crash.

A remote user can send a specially crafted Bidirectional Forwarding Detection (BFD) packet to or through the target device to trigger an error handling flaw and cause the target 'iosd' process to crash and the system to reload.

The following models are affected when the BFD feature is enabled:

Catalyst 4500 Supervisor Engine 6-E (K5)
Catalyst 4500 Supervisor Engine 6L-E (K10)
Catalyst 4500 Supervisor Engine 7-E (K10)
Catalyst 4500 Supervisor Engine 7L-E (K10)
Catalyst 4500E Supervisor Engine 8-E (K10)
Catalyst 4500E Supervisor Engine 8L-E (K10)
Catalyst 4500E Supervisor Engine 9-E (K10)
Catalyst 4500-X Series Switches (K10)
Catalyst 4900M Switch (K5)
Catalyst 4948E Ethernet Switch (K5)

The vendor has assigned bug ID CSCvc40729 to this vulnerability.

Impact:   A remote user can cause the target service to crash.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd (Links to External Site)
Cause:   Exception handling error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-bfd

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC