Cisco 發布了五個安全公告,以應對發現於 Cisco NX-OS軟件中的漏洞。遠端攻擊者可向受影響裝置發送含特製惡意內容的BGP更新訊息、DHCPv4或OTV UDP封包來攻擊這個漏洞。
關於受影響產品的詳細資料,請參閱供應商網站相關安全公告中 “Affected Products” 的部分:
1. Cisco NX-OS 軟件產品認證、授權和計帳繞過漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa
2. Cisco Nexus 7000 和 7700 系列交換器覆蓋傳輸虛擬化緩衝區溢出漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
3. Cisco NX-OS邊界閘道器協定服務受阻斷漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp
4. Cisco NX-OS 軟件特製DHCPv4封包拒絕服務漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1
5. Cisco NX-OS 軟件異常DHCPv4封包拒絕服務漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2
成功利用這些漏洞可以導致執行任意程式碼、繞過保安限制、服務受阻斷或重新啓動裝置,視乎攻擊者利用哪個漏洞而定。
適用於受影響系統的修補程式已可獲取。受影響系統的用戶應遵從產品供應商的建議,立即採取行動以降低風險。有關修補程式的詳細資料,請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
https://www.us-cert.gov/ncas/current-activity/2016/10/05/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6393