CVE-2005-0195
CVSS5.0
发布时间 :2005-05-02 00:00:00
修订时间 :2009-03-04 00:29:27
NMCOS    

[原文]Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.


[CNNVD]Cisco IOS远程拒绝服务漏洞(CNNVD-200505-217)

        Cisco IOS是运行于很多Cisco设备的操作系统。
        运行IPv6的Cisco IOS设备在处理特殊IPv6包时存在问题,远程攻击者可以利用这个漏洞对设备进行拒绝服务攻击。漏洞存在于Cisco设备处理IPv6通信包时,多个特殊构建的IPv6通信包发送给逻辑接口(包括6to4通道)及物理接口可触发此漏洞。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:cisco:ios:12.2ewaCisco IOS 12.2EWA
cpe:/o:cisco:ios:12.2zjCisco IOS 12.2ZJ
cpe:/o:cisco:ios:12.3xzCisco IOS 12.3XZ
cpe:/o:cisco:ios:12.3xlCisco IOS 12.3XL
cpe:/o:cisco:ios:12.0sCisco IOS 12.0S
cpe:/o:cisco:ios:12.2ytCisco IOS 12.2YT
cpe:/o:cisco:ios:12.3jaCisco IOS 12.3JA
cpe:/o:cisco:ios:12.0sxCisco IOS 12.0SX
cpe:/o:cisco:ios:12.2sxaCisco IOS 12.2SXA
cpe:/o:cisco:ios:12.0szCisco IOS 12.0SZ
cpe:/o:cisco:ios:12.2svCisco IOS 12.2SV
cpe:/o:cisco:ios:12.2czCisco IOS 12.2CZ
cpe:/o:cisco:ios:12.2bcCisco IOS 12.2BC
cpe:/o:cisco:ios:12.2sxdCisco IOS 12.2SXD
cpe:/o:cisco:ios:12.3bCisco IOS 12.3B
cpe:/o:cisco:ios:12.3xsCisco IOS 12.3XS
cpe:/o:cisco:ios:12.2mcCisco IOS 12.2MC
cpe:/o:cisco:ios:12.3xtCisco IOS 12.3XT
cpe:/o:cisco:ios:12.3xbCisco IOS 12.3XB
cpe:/o:cisco:ios:12.2bzCisco IOS 12.2BZ
cpe:/o:cisco:ios:12.3xqCisco IOS 12.3XQ
cpe:/o:cisco:ios:12.3xnCisco IOS 12.3XN
cpe:/o:cisco:ios:12.2szCisco IOS 12.2SZ
cpe:/o:cisco:ios:12.2yzCisco IOS 12.2YZ
cpe:/o:cisco:ios:12.3jCisco IOS 12.3J
cpe:/o:cisco:ios:12.3xyCisco IOS 12.3XY
cpe:/o:cisco:ios:12.3bwCisco IOS 12.3BW
cpe:/o:cisco:ios:12.2zgCisco IOS 12.2ZG
cpe:/o:cisco:ios:12.2ziCisco IOS 12.2ZI
cpe:/o:cisco:ios:12.2zpCisco IOS 12.2ZP
cpe:/o:cisco:ios:12.2znCisco IOS 12.2ZN
cpe:/o:cisco:ios:12.2suCisco IOS 12.2SU
cpe:/o:cisco:ios:12.3yeCisco IOS 12.3YE
cpe:/o:cisco:ios:12.2bxCisco IOS 12.2BX
cpe:/o:cisco:ios:12.3xcCisco IOS 12.3XC
cpe:/o:cisco:ios:12.3Cisco IOS 12.3
cpe:/o:cisco:ios:12.2seCisco IOS 12.2SE
cpe:/o:cisco:ios:12.2bCisco IOS 12.2B
cpe:/o:cisco:ios:12.3xdCisco IOS 12.3XD
cpe:/o:cisco:ios:12.2yvCisco IOS 12.2YV
cpe:/o:cisco:ios:12.2zlCisco IOS 12.2ZL
cpe:/o:cisco:ios:12.2zeCisco IOS 12.2ZE
cpe:/o:cisco:ios:12.3xmCisco IOS 12.3XM
cpe:/o:cisco:ios:12.2yuCisco IOS 12.2YU
cpe:/o:cisco:ios:12.3xuCisco IOS 12.3XU
cpe:/o:cisco:ios:12.3xiCisco IOS 12.3XI
cpe:/o:cisco:ios:12.3ygCisco IOS 12.3YG
cpe:/o:cisco:ios:12.3xhCisco IOS 12.3XH
cpe:/o:cisco:ios:12.3tCisco IOS 12.3T
cpe:/o:cisco:ios:12.3xwCisco IOS 12.3XW
cpe:/o:cisco:ios:12.3xaCisco IOS 12.3XA
cpe:/o:cisco:ios:12.3xkCisco IOS 12.3XK
cpe:/o:cisco:ios:12.3xrCisco IOS 12.3XR
cpe:/o:cisco:ios:12.2sxbCisco IOS 12.2SXB
cpe:/o:cisco:ios:12.2zfCisco IOS 12.2ZF
cpe:/o:cisco:ios:12.3xfCisco IOS 12.3XF
cpe:/o:cisco:ios:12.2sxCisco IOS 12.2SX
cpe:/o:cisco:ios:12.2ewCisco IOS 12.2EW
cpe:/o:cisco:ios:12.2swCisco IOS 12.2SW
cpe:/o:cisco:ios:12.3ydCisco IOS 12.3YD
cpe:/o:cisco:ios:12.2zdCisco IOS 12.2ZD
cpe:/o:cisco:ios:12.3yhCisco IOS 12.3YH
cpe:/o:cisco:ios:12.2zhCisco IOS 12.2ZH
cpe:/o:cisco:ios:12.3xxCisco IOS 12.3XX
cpe:/o:cisco:ios:12.3bcCisco IOS 12.3BC
cpe:/o:cisco:ios:12.2zoCisco IOS 12.2ZO
cpe:/o:cisco:ios:12.3xeCisco IOS 12.3XE
cpe:/o:cisco:ios:12.3yfCisco IOS 12.3YF
cpe:/o:cisco:ios:12.2zcCisco IOS 12.2ZC
cpe:/o:cisco:ios:12.2sCisco IOS 12.2S
cpe:/o:cisco:ios:12.3yaCisco IOS 12.3YA
cpe:/o:cisco:ios:12.2syCisco IOS 12.2SY
cpe:/o:cisco:ios:12.2jkCisco IOS 12.2JK
cpe:/o:cisco:ios:12.3xgCisco IOS 12.3XG
cpe:/o:cisco:ios:12.2cxCisco IOS 12.2CX
cpe:/o:cisco:ios:12.2tCisco IOS 12.2T

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:5813Cisco Systems IOS IPv6 Heap Corruption Vulnerability
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0195
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0195
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-217
(官方数据源) CNNVD

- 其它链接及资源

http://www.us-cert.gov/cas/techalerts/TA05-026A.html
(VENDOR_ADVISORY)  CERT  TA05-026A
http://www.kb.cert.org/vuls/id/472582
(VENDOR_ADVISORY)  CERT-VN  VU#472582
http://xforce.iss.net/xforce/xfdb/19072
(VENDOR_ADVISORY)  XF  cisco-ios-ipv6-dos(19072)
http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml
(VENDOR_ADVISORY)  CISCO  20050126 Multiple Crafted IPv6 Packets Cause Reload

- 漏洞信息

Cisco IOS远程拒绝服务漏洞
中危 其他
2005-05-02 00:00:00 2009-03-04 00:00:00
远程  
        Cisco IOS是运行于很多Cisco设备的操作系统。
        运行IPv6的Cisco IOS设备在处理特殊IPv6包时存在问题,远程攻击者可以利用这个漏洞对设备进行拒绝服务攻击。漏洞存在于Cisco设备处理IPv6通信包时,多个特殊构建的IPv6通信包发送给逻辑接口(包括6to4通道)及物理接口可触发此漏洞。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://www.cisco.com/warp/public/707/iacl.html

- 漏洞信息

13193
Cisco IOS Multiple Crafted IPv6 Packet DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Unknown

- 漏洞描述

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when multiple crafted IPv6 packets are processed, and will result in loss of availability for the platform.

- 时间线

2005-01-26 Unknow
Unknow Unknow

- 解决方案

The vendor has released upgrades to address this vulnerability. See the vendor's solution URL for available upgrades. It may also be possible to correct the flaw by disabling all IPv6 interfaces on the device.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Cisco IOS IPv6 Processing Remote Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 12368
Yes No
2005-01-26 12:00:00 2009-07-12 10:06:00
The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue.

- 受影响的程序版本

Cisco IOS 12.3YH
Cisco IOS 12.3YG
Cisco IOS 12.3YF
Cisco IOS 12.3YE
Cisco IOS 12.3YD
Cisco IOS 12.3YA
Cisco IOS 12.3XZ
Cisco IOS 12.3XY
Cisco IOS 12.3XX
Cisco IOS 12.3XU
Cisco IOS 12.3XT
Cisco IOS 12.3XS
Cisco IOS 12.3XR
Cisco IOS 12.3XQ
Cisco IOS 12.3XN
Cisco IOS 12.3XM
Cisco IOS 12.3XL
Cisco IOS 12.3XK
Cisco IOS 12.3XJ
Cisco IOS 12.3XI
Cisco IOS 12.3XH
Cisco IOS 12.3XG
Cisco IOS 12.3XF
Cisco IOS 12.3XE
Cisco IOS 12.3XD
Cisco IOS 12.3XC
Cisco IOS 12.3XB
Cisco IOS 12.3XA
Cisco IOS 12.3T
Cisco IOS 12.3JA
Cisco IOS 12.3BW
Cisco IOS 12.3BC
Cisco IOS 12.3B
Cisco IOS 12.3
Cisco IOS 12.2ZP
Cisco IOS 12.2ZO
Cisco IOS 12.2ZN
Cisco IOS 12.2ZL
Cisco IOS 12.2ZJ
Cisco IOS 12.2ZJ
Cisco IOS 12.2ZI
Cisco IOS 12.2ZH
Cisco IOS 12.2ZH
Cisco IOS 12.2ZG
Cisco IOS 12.2ZG
Cisco IOS 12.2ZF
Cisco IOS 12.2ZF
Cisco IOS 12.2ZE
Cisco IOS 12.2ZE
Cisco IOS 12.2ZD
Cisco IOS 12.2ZD
Cisco IOS 12.2ZC
Cisco IOS 12.2YZ
Cisco IOS 12.2YZ
Cisco IOS 12.2YV
Cisco IOS 12.2YV
Cisco IOS 12.2YU
Cisco IOS 12.2YU
Cisco IOS 12.2YT
Cisco IOS 12.2YT
Cisco IOS 12.2T
Cisco IOS 12.2SZ
Cisco IOS 12.2SZ
Cisco IOS 12.2SY
Cisco IOS 12.2SY
Cisco IOS 12.2SXD
Cisco IOS 12.2SXB
Cisco IOS 12.2SXA
Cisco IOS 12.2SX
Cisco IOS 12.2SW
Cisco IOS 12.2SV
Cisco IOS 12.2SU
Cisco IOS 12.2SE
Cisco IOS 12.2S
Cisco IOS 12.2MC
Cisco IOS 12.2JK
Cisco IOS 12.2EWA
Cisco IOS 12.2EW
Cisco IOS 12.2CZ
Cisco IOS 12.2CX
Cisco IOS 12.2CX
Cisco IOS 12.2CX
Cisco IOS 12.2BZ
Cisco IOS 12.2BX
Cisco IOS 12.2BC
Cisco IOS 12.2B
Cisco IOS 12.0SZ
Cisco IOS 12.0SZ
Cisco IOS 12.0SX
Cisco IOS 12.0S

- 漏洞讨论

A remote denial of service vulnerability affects the IPv6 processing functionality of Cisco IOS. This issue is due to a failure of the affected operating system to properly handle specially crafted network data.

It is possible for an attacker to produce a sustained denial of service condition against an affected device by continually sending the malicious network data.

An attacker may leverage this issue to cause an affected device to reload, denying service to legitimate users.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

The vendor has released an advisory (cisco-sa-20050126-ipv6) and fixes to address this vulnerability. Customers are advised to peruse the referenced advisory for further information in regards to obtaining and applying appropriate updates.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站