Cisco NX-OS Label Distribution Protocol Message Remote Denial of Service Vulnerability
Release date:
Updated on:
Affected Systems:
Cisco NX-OS
Description:
--------------------------------------------------------------------------------
Bugtraq id: 65074
CVE (CAN) ID: CVE-2014-0677
Cisco NX-OS is a data center-level operating system that represents a modular design, always-on and maintainability.
The Cisco NX-OS has a security vulnerability in processing tag Distribution Protocol (LDP) messages that allows unauthenticated remote attackers to cause the affected device to stop accepting valid LDP sessions within 60 seconds. This vulnerability is caused by parsing malformed LDP Hello messages.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0677
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.cisco.com/go/psirt