CYBER NEWS

CVE-2018-0369: Mais uma vulnerabilidade da Cisco de alta gravidade

Yet another vulnerability, identified as CVE-2018-0369, in Cisco software has been patched. Rated severe, the flaw is described as an IPv4 Fragmentation vulnerability which could lead to a denial of service if used with three other medium severity bugs.




CVE-2018-0369 Technical Details

The vulnerability stems from improper handling of fragmented IPv4 packets containing options.

Mais especificamente, these packets contained options which could be exploited by hackers in a scenario where a malicious IPv4 packer is sent across vulnerable devices. According to the official Cisco advisory, the vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusimprocess, resultando em uma negação de serviço (DoS) condição.

Which devices are affected by CVE-2018-0369?

As explained in the advisory, the vulnerability affects the following Cisco products running any release of the StarOS operating system prior to the first fixed release:

Cisco Virtualized Packet Core-Single Instance (VPC-SI);
Cisco Virtualized Packet Core-Distributed Instance (VPC-DI);
Cisco Ultra Packet Core (UPC).

Here is a list of the devices that are not affected by the vulnerability:

Cisco ASR 5000 Series Aggregation Services Routers;
Cisco Elastic Services Controllers (ESC);
Cisco Ultra Automation Services (UAS).

As for the medium severity vulnerabilitiesthey include a FireSIGHT system software file policy bypass vulnerability, a FireSIGHT system software URL-based access control policy bypass flaw, and a web security appliance cross-site scripting flaw.

To determine whether a vulnerable release of Cisco StarOS is running on an affected instance, administrators can use the show version command in the device CLI, Cisco disse. The company has also released free software updates that address CVE-2018-0369.

Story relacionado: CVE-2018-0296 Uma falha grave em Cisco ASA e Firepower Atualmente Exploradas

It is highly advisable to patch affected devices. Just last month there were reports about another vulnerability, CVE-2018-0296, rated high-severe and affecting Cisco ASA and Firepower security appliances. The flaw was actively exploited in the wild after an exploit of it showed up online a few days prior to the attacks.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...