Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.106331 |
Category: | CISCO |
Title: | Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability |
Summary: | A vulnerability in the implementation of the DHCPv4 relay agent and smart;relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service;(DoS) condition on an affected device. |
Description: | Summary: A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Vulnerability Insight: The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device. Vulnerability Impact: An exploit could allow the attacker to cause the DHCP process or device to crash. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-6392 BugTraq ID: 93406 http://www.securityfocus.com/bid/93406 Cisco Security Advisory: 20161005 Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 http://www.securitytracker.com/id/1036948 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |