Security Alert (A16-03-08): Multiple Vulnerabilities in Cisco Products (March 2016)

Description:

Cisco has released six security advisories fixing a number of vulnerabilities in Cisco IOS, IOS XE, NX-OS and Cisco Unified Communications Manager software. An unauthenticated remote attacker could exploit the vulnerabilities in relation to several functions or protocols including Session Initiation Protocol (SIP), DHCPv6 relay feature, handling of Internet Key Exchange version 2 (IKEv2) fragmentation code, smart install client feature, Locator/ID Separation Protocol (LISP), and Wide Area Application Services (WAAS) Express feature.

There are a multitude of attack vectors, a remote attacker could try to send malformed SIP message or LISP packet, specially crafted DHCPv6 relay message, UDP packets or Smart Install packets, or route a crafted TCP segment to/through a vulnerable device.

Affected Systems:

• Cisco IOS, IOS XE, NX-OS and Cisco Unified Communications Manager Software

The complete list of vulnerable systems can be found in the "Affected Products" section of individual Cisco Security Advisory available at:

01. Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip

02. Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6

03. Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2

04. Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi

05. Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp

06. Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f

Impact:

Depending on the vulnerability exploited, a successful attack could cause a Denial of Service (DoS) condition or reload of a vulnerable device.

Recommendation:

Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Obtaining Fixed Software" of corresponding security advisory at vendor's website.

Users should contact their product support vendors for the fixes and assistance.

More Information:

http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f
https://www.hkcert.org/my_url/en/alert/16032401
https://www.us-cert.gov/ncas/current-activity/2016/03/23/Cisco-Release-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1351