Main Vulnerability Database SB2018071305

SB2018071305 - Denial of service in Cisco StarOS

Published: July 13, 2018

Security Bulletin ID SB2018071305

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: CVE-2018-0369)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms due to improper handling of fragmented IPv4 packets containing options. A remote attacker can send a malicious IPv4 packet across an affected device, trigger a restart of the npusim process and cause all traffic queued toward this instance of the npusim process to be dropped while the process is restarting.

Remediation

Install update from vendor's website.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos