Cisco 发布了五个安全公告,以应对发现于 Cisco IOS及IOS XE软件中的多个漏洞。攻击者可向受影响装置传送特制的DHCP 封包、特制的L2TP 封包、特制的HTTP 参数或发送过量请求来攻击这些漏洞。
关于受影响产品的详细数据,请参阅供货商网站相关安全公告中 “Affected Products” 的部分:
01. Cisco IOS 及 IOS XE软件的DHCP 客户服务阻断漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc
02. Cisco IOS 及 IOS XE软件的第二层隧道协议服务阻断漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp
03. Cisco IOS XE软件于Cisco ASR 920系列路由器的零接触配置服务阻断漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp
04. Cisco IOS XE软件的HTTP命令注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci
05. Cisco IOS XE 软件的网页用户界面服务阻断漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui
成功利用这些漏洞可以导致执行任意程序代码、服务受阻断、装置重新启动或控制受影响的系统,视乎攻击者利用哪个漏洞而定。
适用于受影响系统的修补程序已可获取。受影响系统的用户应遵从产品供货商的建议,立即采取行动以降低风险。有关修补程序的详细数据,请参阅供货商网站的相应安全公告中有关 “Fixed Software” 的部分。
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-60851
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-dhcpc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-xeci
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-ztp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-webui
https://www.us-cert.gov/ncas/current-activity/2017/03/22/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3856 (to CVE-2017-3859)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3864