Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2014.1665
A number of vulnerabilities have been identified in Cisco
IOS Software and Cisco IOS XE Software
25 September 2014
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco IOS Software
Cisco IOS XE Software
Publisher: Cisco Systems
Operating System: Cisco
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2014-3361 CVE-2014-3360 CVE-2014-3359
CVE-2014-3358 CVE-2014-3357 CVE-2014-3356
CVE-2014-3354
Original Bulletin:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
Comment: This bulletin contains six (6) Cisco Systems security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-dhcpv6
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to improper parsing of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of an affected device.
Cisco has released free software updates that address this vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNeAAoJEIpI1I6i1Mx3FxAP/i8bB96s06HvbR5sSFBf6iqW
QMfKKOujTGf9w9UH/CUqVtvX2kDLoaZXxoARruZ3hIk2tWqfkFCIyGtCSEXwQxfg
+ueE/LpmXZWkvZ7eLk7GS7lclfVlbu4W5GR1+asp3qIOeKRUpY9SPWDlLuT7vmtb
s8WmVbDKQOEg3MJSt4tkUSDQsL6AOvhFue2VYjGUnzYX0SPOQxkeCGCbOcmCRGPH
3Yi0IPiUa/XOxOCfsSlXJQP5OWVOlCnQZGiOlyaiaYiyTjUlB7uKgZP/jGIuc/gf
4dt0FTK/VykqLXIXERNBL28IO/4ZZDtkZvosy92iUG/BlXzdxB4+9pZ3wgqeih9Q
2hVNgX+xQ+M6BoTyMZ11OvZxqvaIr4e4ijx/CRx+jkqsX3tgoWzcEWe6EDpAL/6s
G7+0cZ04L5zdbZg0NTqciuN04Wm7HEKTpCr3Da/BwomP7Wzx/zHkKAi0IUj/Qa9f
hD/RYmapejks3QXpVPaxYoSQANq7u7dBlSenNYxKaurRNDe9JO8y0LHrLWgF/PlW
CRRt3k7x5bo+nHSUQrZTIeJhPLcvZ9zxLhs1X3ksSdB44ro0pH9kGky6ewPzrd/7
8HimC+ibFB5bU+sjw1iLNZY3Wd9pVNpiezuCzoKgK4mJ8IjbtFm+mBRvDL4bf5xA
oKMD5Aa57OYRgeRzm5ZR
=N1Wn
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Metadata Vulnerabilities
Advisory ID: cisco-sa-20140924-metadata
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device.
The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition.
Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3SpwP/jfNLKisT8kvgV2iMhFr0Z2w
1oOqnYmG1WWNh/yXh+uKIPeHUDSYjsW1ntAP/vnuw1Op2UDPMl1fTWe4AWo8huOf
R2cq3dCBZRfKmlhfJAGuqaramkAITwLPNsODwIHZUwXYQPrHnlZB7c/Ry8dkE+d5
ATGeGFS9nDnboAKyRFyusLarQ95X+Yukpq/BmGLXd+neuC+tz4x1PCBvQJdeqaMx
Fg2r94dg0mhzwYJ/HBLVUk4OJRYhJxUeJw7zqrB9GGZnYry+ll8qY9pSbMVpI1Yy
523Okpes5zJ1KNR+uceABj1SSpe0n+LAfqj8ekkzrZz7CQGONYEd39PSor73zKBE
1SmyUVj75hoH3rx45SQLgArvfUXkJZLeSgnstWU7DCIlD5OjxMbazq8nlU9cmD5q
gXKtPLZI8/xREwUjmmowv3ykSscxW7x0EBL/NCG+JcXmTGS26gf8SGsVfkDYIkuo
iLxrgkiuvXtq+SGLdmRnfC7Ts2m/5E1AJHW7V64yZ+tNLW4XM5cMjMtDZXTQdQHN
sQvPe8E4sFFpcSn2vi0Y5weBItr3p+QGDF5HxojPr1NLZz8bHUBWJ6kjYvDynM3C
yGXTgEI7g8vmzcfeBTZCa3Us/qDb+0DZFzt15TpUbZmcuVjcoSo3myp1+XzP7ky2
xC9OlRnpvnRWrSnAXcLe
=E9az
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Network Address Translation Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-nat
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the Network Address Translation (NAT) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper translation of IP version 4 (IPv4) packets.
Cisco has released free software updates that address this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3GjkQAKWPwFAUj1OaQ+/vwiKdlcwC
sZZk53GXtQE3IVMyOYP2LyeDJk1E/Krv8BK8gguBxSjjhRi4WLKc2lr7NrbOmQUh
qq9UCG1HXQi1pOUuKxTJVtlX6jktiZrdvguWcRDCZc6jbPs0cZNmfrsD5fsp8w/2
65dIFPRPYWebLBvKPCJYEvd87ugbb+jLl28qdlCFAaUMgLBnvgeNemIPu9LxgatI
I1rEGXSs6YEkAzGG4uwRvOA+K/3GChuGt1v3b4YS6QVOJCHQlNvvztZMJKcPOEj5
EgtHlsQJC/tCLLT43l6+IAbmDTyaXiZITHhxFa3NXI3q6v8yuf7USFnAI7HyNdW7
ZqYpRybdyIMMSaDCMTEjYKQ5wSq95Ci9K2J52GuADKo2VJiAntoRF496VL1WftT8
80jKzNoaDX4310xvSEN2DEAU5ekLH3792o/6zIB+HgDWKZOEayO9ugWjMrBrI226
Djn/sD3oEWKUkp5EZS2HJAzYTitE5zBOfAh5qfQs7siTQQIcP3b2NgdFR5ZTiile
Eo2w82I2QC96zUz51a4ESLrK88fOAl30mh/Zk8qhxCUs/29z6h2m7AAsc/9QZNHd
Q4lwkodU7yllOIPV16ob47B61XueH4V3Jw7Rt3CJZUwbDTYALlPDK3bwjR60WxP7
KP2y8xOM0z4g0HMz/8bc
=luk3
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software RSVP Vulnerability
Advisory ID: cisco-sa-20140924-rsvp
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition.
Cisco has released free software updates that address this vulnerability.
A workaround that mitigates this vulnerability is available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3qoIP/RnDEwuhG4SEtyEAycEOpJoX
cDsmK8C0xRKYkoUeSlmkO1TXzRk42RMnd6aoYAxojgqsYnVt10ZKibSLzCxZxWnX
MMKhMPSrUSvWvPNgLDYyOJ4R4B6IOwYwS6wNCABtiwes/rET+p+d0gw4rZ4SLujF
hSrWcxE8Fax5zU7Z++ZifOhcg/C7gGvIbsuStf01S6/oZHPx8PXnVj9J4eI0Yxz9
JRhkJQv8FlfJYzZnxbi545YH1fUt+e5FzTTlPOaYayYqi0E/NvrPW64s8QKLURE7
M01EzxIsyItwxIYAXy5pcUHnyAd/bZ21CmEiHvOq4GZVXoZpkkF0pCceos+mC987
4mPYVe+PwNrPJwb0qdG6MKDiXmO+txVFLazNF2JJaGeFYjeN+If57mJSttznVLiE
ZPCkdLmr/Y2uDbtwoDdFI6TbrIsFceawIEKLn5lIPQrtt+JiwkWkxKSLMsB6wm0l
nmogpIL43jgnozrYRTMizA+hu/mHgg88mOWD/AAFA5O6K+YQIEYYtYjy4Bundrq7
2Rr6uJNUN9fD3amT3ZqP6DE7ETlAkC29sFy0IuXkudpXc+YrcVAkhwrlMekoeepL
t6cWl+o8dTaexJe7h4neuADwCPrT15wNBiasHP0Uw/BAUnbPM2aOjL8WZDb1BHvT
5AkSuOMpsSZakqt0vik+
=kL1E
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
Advisory ID: cisco-sa-20140924-sip
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
A vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device. To exploit this vulnerability, affected devices must be configured to process SIP messages.
Cisco has released free software updates that address this vulnerability.
There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNgAAoJEIpI1I6i1Mx307EQAI1LtZYk5Eiw9CR6ZQSCPjjI
vxWM5f+29TObzPyYSlWuoexDnryZ5s3FZNje6HKz0ie9hoHEXJq1YTU7Ya/JeuWV
6yNgBgbIC94PcpmK+aHuboSk/oe9aEvAsIM5lIQJwTxIa1CTq5zP1iKwe420iOQd
YOHy8rjxRXda+G3OS/91m98mLQ72vIwQ2tCqrAsn484RoPMHndnMvchLLwxdEsHL
fHW0tdTDXZ0KAup92koXBiIBbasfdOo/EgunmI1xw1bbDqs3fX2G6Dl5SiOUHSM0
0sn83/7WnexbXXG+Zv9vAxgYbevesQWqOpZl0Aw+nl+ov2RvmcuaEKXIm/1yPROV
vJXaL+q38c+A34Hio308V8xgnPn1CCW91TrOzT+iv+tIrH6O+jT/ehjz8ioNHrKn
lxenUBdRiSvLNF/LOpZFlvRs9Gdbat7iwOLbi7ri5s3Mjs4gRQcPg/ElboFvMz1D
bZuSk2y7tq46MxvZosHY1JWu+5VgsO2tJAvl+isgn/Vc6Rk6ZAFpvLK+HjPN7AF3
+rPXMm/lqC9IhgviyNpDEVo0clm9a8vNwgki30s4XCS6Mat4irSX+Af0X6fZ1VII
K0M+fNHgR72lLv1NR9TsRWz40njwx+ks9a9fdmkfNRuXXjx8OBfC0kwVKBU0H3EJ
hzkjmy3Hee100G2V/9X+
=X1lR
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System
Advisory ID: cisco-sa-20140924-mdns
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
The Cisco IOS Software implementation of the multicast Domain Name System (mDNS) feature contains the following vulnerabilities when processing mDNS packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:
Cisco IOS Software mDNS Gateway Memory Leak Vulnerability
Cisco IOS Software mDNS Gateway Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUIZNeAAoJEIpI1I6i1Mx3euMP/0ptD3acwXkieo5NTQEYXU2L
cMlnxkTZnXzzjkGAcy0eJKhHAh9JI0FU5DcEVmMbTd7qXnm2sixFYR27dxMCJBaG
Quj5RgGGz2KUFNGO87+JX8zw8yBKyknN8eO7njBb6c99UHAv/GVZAjnwcDEbRM3L
G7/C7S7ZVkk8w63U46CsVV5eaGj2RQnbZx3jYNhPKjZnCc/MQSM87nnTuR8RjkCm
wlrReK6BjxtJ13R3o2NmWzSJWSsc8N81pvIooJdaBCqlGZ4e/j06Z5+S5CF3DGiJ
xJvEdKGdvLRo14hUtQLJ8Vx8bJMkHBdr7Bernmca/8AIeXEMdc61ZGs8bS72Magh
JbiJIT7B3jQXdjzQpQ/mHKNoghkI302g3H6egrtsCBWr+lepEIfmHLf4h0LueqWh
pVQPqXWAGg+5AR1ABvP+mwtQuz/psboXpacMM8keZ2a/6uS82tf3lTXR/8zBd+Om
sGbhBYIkO67Cp/Zn2CNY1v9Pg8f4tNAkATazg2Mvt4QfOlRUFRYBdyV2LZLSDCJ4
9/Pw8s7pLMMFpt90pBzIBUY+FsiGkWoHduMO7/O93Zw4Y2n2vnRYFkyuFQFphBuO
M2Yb20vqO9tsELTt0MDmdfXf40HhhAUF6zbw6fWa4SCV4CwZn6h8eAZttsqQQqxl
cdgZjAsAV5dsoejxk0LC
=7Kkh
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVCOttxLndAQH1ShLAQJ7QRAAl1MVET+qSuxk43t1h5EBn9ZPX4YK2d8A
xnbePJiWu2RGPdG3tpj6uWmZzcdqvsLlTm52zq/y27Gz+BsEc3E9O+98HkSz3yof
/AkVQy5AKQA9lLLKWDgHBTfROL4DSCr8ORcj+JdsMWBfviHUxqmZP7Aaz7r+lUnW
fPYCUYE8Q1AdqDsQKsc0ZJWuMMpyslMydcnb93F+5LfBwv8KxcE4gKfgT/ofkaLT
Wdu5gRy2kVKvkhYsRgJ+k0Zp5/XM26cFLGQJKUaFZ0zwQB6mgkHRgdwc53jKuKV8
OlAm63uy4sCeIA6ki9IaRxK1n4JjzFQ3Jv11qBiNamki4AW4eHmmXq4zE9+R0/sb
VwPKIQWr9PHwY/dqeD5L6NO17M6cnzGDGOPGgD67we8f9m/aed/PQzWGk41hplZZ
OGW6PF17LNj9G2GYMyF/EY0L45ulokAlRwxBPvWV+BcUE3dQMn5NNdmMKNhYdtNK
usA0SOKJYHeY8uhiozJ6fu637DLZbHONOOazIBNtmSY2FqAFtnjgI7IKLHhqRyv0
tLBe1k3NdnCdPm5/EHIf8xpIf2HA6hbO7cSY1+0Rt8CDghzi8IUiWRFKanQQy8Pl
zM5g0/js6tXkoBIPe7zq/8cyBtBYmv4zeJTGYpyEwUU0P2J+p8GmoQ327zb+MPcb
PXeCJeQQqW4=
=PXoa
-----END PGP SIGNATURE-----