快捷搜索:

Cisco IOS 远程拒绝服务漏洞

破绽信息

Cisco IOS是一款盛行的收集操作系统。

Cisco IOS Stack Group Bidding Protocol (SGBP)机制不精确处置惩罚SGBP协议,远程进击者可以使用破绽对设备进行回绝办事进击。

SGBP协议是多机架多链路点到点协议(MMP)实现,Cisco IOS的SGBP实现在处置惩罚畸形UDP包时存在问题,发送恶意UDP包当9900端口可导致设备挂起并竣事相应。造成回绝办事进击。

用户可根据如下的敕令查看是否起用SGBP协议:

* 系统支持但没有起用SGBP将返回如下信息:

Router#show sgbp

Router#

* 系统不支持SGBP将返回如下差错消息:

Router#show sgbp

Router#show sgbp

% Invalid input detected at '^' marker.

厂商办理规划

可参考供应商的如下链接得到补丁信息:

http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml

破绽供给者

Cisco

破绽消息链接

http://marc.theaimsgroup.com/?l=bugtraq&m=113761985600401&w=2

破绽消息标题

Cisco Security Advisory: IOS Stack Group Bidding Protocol Crafted Packet DoS

BUGTRAQ ID: 16303

CNCAN ID:CNCAN-2006011903

破绽消息光阴:2006-01-18

破绽原由

非常前提处置惩罚掉败差错

影响系统

Cisco IOS 12.4 XB

Cisco IOS 12.4 XA

Cisco IOS 12.4 T

Cisco IOS 12.4 MR

Cisco IOS 12.4

Cisco IOS 12.3 YX

Cisco IOS 12.3 YU

Cisco IOS 12.3 YT

Cisco IOS 12.3 YQ

Cisco IOS 12.3 YM

Cisco IOS 12.3 YK

Cisco IOS 12.3 YJ

Cisco IOS 12.3 YG

Cisco IOS 12.3 YF

Cisco IOS 12.3 XW

Cisco IOS 12.3 XU

Cisco IOS 12.3 XQ

Cisco IOS 12.3 XM

Cisco IOS 12.3 XJ

Cisco IOS 12.3 XI

Cisco IOS 12.3 XH

Cisco IOS 12.3 XF

Cisco IOS 12.3 XD

Cisco IOS 12.3 XB

Cisco IOS 12.3 T

Cisco IOS 12.3 BW

Cisco IOS 12.3 BC

Cisco IOS 12.3 B

Cisco IOS 12.3

Cisco IOS 12.2 ZN

Cisco IOS 12.2 ZJ

Cisco IOS 12.2 ZE

Cisco IOS 12.2 ZD

Cisco IOS 12.2 ZB

Cisco IOS 12.2 ZA

Cisco IOS 12.2 YZ

Cisco IOS 12.2 YY

Cisco IOS 12.2 YX

Cisco IOS 12.2 YW

Cisco IOS 12.2 YT

Cisco IOS 12.2 YN

Cisco IOS 12.2 YE

Cisco IOS 12.2 YD

Cisco IOS 12.2 XV

Cisco IOS 12.2 XT

Cisco IOS 12.2 XS

Cisco IOS 12.2 XL

Cisco IOS 12.2 XK

Cisco IOS 12.2 XG

Cisco IOS 12.2 XF

Cisco IOS 12.2 XC

Cisco IOS 12.2 XB

Cisco IOS 12.2 XA

Cisco IOS 12.2 T

Cisco IOS 12.2 SZ

Cisco IOS 12.2 SY

Cisco IOS 12.2 SU

Cisco IOS 12.2 S

Cisco IOS 12.2 MC

Cisco IOS 12.2 DX

Cisco IOS 12.2 DD

Cisco IOS 12.2 CX

Cisco IOS 12.2 BY

Cisco IOS 12.2 BW

Cisco IOS 12.2 BC

Cisco IOS 12.2 B

Cisco IOS 12.2

Cisco IOS 12.1 YD

Cisco IOS 12.1 YB

Cisco IOS 12.1 YA

Cisco IOS 12.1 XZ

Cisco IOS 12.1 XY

Cisco IOS 12.1 XX

Cisco IOS 12.1 XW

Cisco IOS 12.1 XU

Cisco IOS 12.1 XS

Cisco IOS 12.1 XQ

Cisco IOS 12.1 XM

Cisco IOS 12.1 XL

Cisco IOS 12.1 XI

Cisco IOS 12.1 XH

Cisco IOS 12.1 XD

Cisco IOS 12.1 XA

Cisco IOS 12.1 T

Cisco IOS 12.1 GB

Cisco IOS 12.1 GA

Cisco IOS 12.1 EZ

Cisco IOS 12.1 EX

Cisco IOS 12.1 EC

Cisco IOS 12.1 E

Cisco IOS 12.1 AA

Cisco IOS 12.1

Cisco IOS 12.0 XR

Cisco IOS 12.0 XN

Cisco IOS 12.0 XL

Cisco IOS 12.0 XK

Cisco IOS 12.0 XJ

Cisco IOS 12.0 XI

Cisco IOS 12.0 XH

Cisco IOS 12.0 XG

Cisco IOS 12.0 XE

Cisco IOS 12.0 XD

Cisco IOS 12.0 XC

Cisco IOS 12.0 XA

Cisco IOS 12.0 T

Cisco IOS 12.0 SC

Cisco IOS 12.0 S

Cisco IOS 12.0

迫害

远程进击者可以使用破绽对设备进行回绝办事进击。

进击所需前提

进击者必须造访Cisco IOS。

您可能还会对下面的文章感兴趣: