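Cisco has released six security advisories to address vulnerabilities found in Cisco IOS, IOS XE, NX-OS and Cisco Unified Communications Manager software. An unauthenticated remote attacker could exploit these vulnerabilities through the affected features or protocols, including the Session Initiation Protocol (SIP), the DHCPv6 relay feature, the handling of Internet Key Exchange version 2 (IKEv2) fragmentation code, the Smart Install client feature, the Locator/ID Separation Protocol (LISP), and the Wide Area Application Services (WAAS) Express feature.
These vulnerabilities can be exploited in multiple ways: a remote attacker could send malformed SIP messages or LISP packets, crafted DHCPv6 relay messages, UDP packets, Smart Install packets or TCP segments to an affected device.
For details of the affected products, please refer to the "Affected Products" section of the corresponding security advisories on the vendor's website:
01. Cisco IOS, IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability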
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip
02. Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
03. Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2
04. Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
05. Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp
06. Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f
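Successful exploitation of these vulnerabilities could lead to denial of service of the affected services or a restart of the device.
Patches for the affected systems are now available. Users of affected systems should follow the recommendations of the product vendor and take immediate action to mitigate the risk. For details of the patches, please refer to the "Obtaining Fixed Software" section of the corresponding security advisories on the vendor's website.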
http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f
https://www.hkcert.org/my_url/en/alert/16032401
https://www.us-cert.gov/ncas/current-activity/2016/03/23/Cisco-Release-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1351