Details of VAR-201205-0146

ID

VAR-201205-0146

CVE

CVE-2012-2488

TITLE

Cisco ASR 9000 and CRS Series Cisco IOS XR Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-002584

DESCRIPTION

Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. The problem is Bug ID CSCty94537 and CSCtz62593 It is a problem.Denial of service operation via a packet crafted by a third party ( Stop packet transmission ) There is a possibility of being put into a state. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. On the Processor (PRP). The attacker can send a specially-made packet to the affected system, causing the packet originating from the route processor CPU to stop transmitting to the fabric, and finally triggering the denial of service attack. This issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS). ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Cisco IOS XR Denial of Service Vulnerability SECUNIA ADVISORY ID: SA49329 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49329/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49329 RELEASE DATE: 2012-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/49329/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49329/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49329 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing certain packets and can be exploited to stop outbound packets from being transmitted via specially crafted packets sent to a configured address on the device. NOTE: Transit traffic packets do not trigger this vulnerability. Please see the vendor's advisory for the list of affected products and versions. SOLUTION: Apply updates. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2012-2488 // JVNDB: JVNDB-2012-002584 // CNVD: CNVD-2012-2953 // BID: 53728 // VULHUB: VHN-55769 // PACKETSTORM: 113163

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-2953

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.2	Trust: 2.5
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.3	Trust: 2.5
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.1	Trust: 2.5
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.4	Trust: 2.5
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.0	Trust: 1.6
vendor:	cisco	model:	crs performance route processor	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9000 rsp440 router	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lte	version:	4.2.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.0	Trust: 0.9
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2	Trust: 0.9
vendor:	cisco	model:	crs performance route processor	scope:	eq	version:	0	Trust: 0.9
vendor:	cisco	model:	asr	scope:	eq	version:	90100	Trust: 0.9
vendor:	cisco	model:	asr	scope:	eq	version:	90060	Trust: 0.9
vendor:	cisco	model:	asr 9000 series rsp440	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	crs performance route processors	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.3 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.4 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.0 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.1 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.2 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.0 (cisco asr 9000 series rsp440)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.0 (cisco crs performance route processors)	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	ne	version:	4.2.1	Trust: 0.3

sources: CNVD: CNVD-2012-2953 // BID: 53728 // JVNDB: JVNDB-2012-002584 // CNNVD: CNNVD-201205-550 // NVD: CVE-2012-2488

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-2488
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-2488
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201205-550
value:	HIGH
Trust: 0.6
VULHUB:	VHN-55769
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-2488
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-55769
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-55769 // JVNDB: JVNDB-2012-002584 // CNNVD: CNNVD-201205-550 // NVD: CVE-2012-2488

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-55769 // JVNDB: JVNDB-2012-002584 // NVD: CVE-2012-2488

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-550

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201205-550

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002584

PATCH

title:	cisco-sa-20120530-iosxr	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr	Trust: 0.8
title:	cisco-sa-20120530-iosxr	url:	http://www.cisco.com/cisco/web/support/JP/111/1111/1111200_cisco-sa-20120530-iosxr-j.html	Trust: 0.8
title:	Patch for Cisco IOS XR Route Processor Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/17556	Trust: 0.6

sources: CNVD: CNVD-2012-2953 // JVNDB: JVNDB-2012-002584

EXTERNAL IDS

db:	NVD	id:	CVE-2012-2488	Trust: 3.4
db:	BID	id:	53728	Trust: 2.0
db:	SECUNIA	id:	49329	Trust: 1.2
db:	SECTRACK	id:	1027104	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-002584	Trust: 0.8
db:	CNNVD	id:	CNNVD-201205-550	Trust: 0.7
db:	CNVD	id:	CNVD-2012-2953	Trust: 0.6
db:	NSFOCUS	id:	19719	Trust: 0.6
db:	CISCO	id:	20120530 CISCO IOS XR SOFTWARE ROUTE PROCESSOR DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-55769	Trust: 0.1
db:	PACKETSTORM	id:	113163	Trust: 0.1

sources: CNVD: CNVD-2012-2953 // VULHUB: VHN-55769 // BID: 53728 // JVNDB: JVNDB-2012-002584 // PACKETSTORM: 113163 // CNNVD: CNNVD-201205-550 // NVD: CVE-2012-2488

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120530-iosxr	Trust: 2.7
url:	http://www.securityfocus.com/bid/53728	Trust: 1.7
url:	http://www.securitytracker.com/id?1027104	Trust: 1.1
url:	http://secunia.com/advisories/49329	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2488	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2488	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/19719	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps5845/index.html	Trust: 0.3
url:	http://secunia.com/advisories/49329/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=49329	Trust: 0.1
url:	http://secunia.com/psi_30_beta_launch	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/49329/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2012-2953 // VULHUB: VHN-55769 // BID: 53728 // JVNDB: JVNDB-2012-002584 // PACKETSTORM: 113163 // CNNVD: CNNVD-201205-550 // NVD: CVE-2012-2488

CREDITS

Cisco

Trust: 0.9

sources: BID: 53728 // CNNVD: CNNVD-201205-550

SOURCES

db:	CNVD	id:	CNVD-2012-2953
db:	VULHUB	id:	VHN-55769
db:	BID	id:	53728
db:	JVNDB	id:	JVNDB-2012-002584
db:	PACKETSTORM	id:	113163
db:	CNNVD	id:	CNNVD-201205-550
db:	NVD	id:	CVE-2012-2488

LAST UPDATE DATE

2024-11-23T22:27:33.471000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-2953	date:	2012-06-01T00:00:00
db:	VULHUB	id:	VHN-55769	date:	2012-08-25T00:00:00
db:	BID	id:	53728	date:	2012-08-16T11:10:00
db:	JVNDB	id:	JVNDB-2012-002584	date:	2012-06-01T00:00:00
db:	CNNVD	id:	CNNVD-201205-550	date:	2012-06-01T00:00:00
db:	NVD	id:	CVE-2012-2488	date:	2024-11-21T01:39:08.737

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2012-2953	date:	2012-06-01T00:00:00
db:	VULHUB	id:	VHN-55769	date:	2012-05-31T00:00:00
db:	BID	id:	53728	date:	2012-05-30T00:00:00
db:	JVNDB	id:	JVNDB-2012-002584	date:	2012-06-01T00:00:00
db:	PACKETSTORM	id:	113163	date:	2012-05-31T04:10:56
db:	CNNVD	id:	CNNVD-201205-550	date:	2012-05-30T00:00:00
db:	NVD	id:	CVE-2012-2488	date:	2012-05-31T10:17:38.763