Cisco IOS and ios xe Software Denial of Service Vulnerability (CVE-2014-3327)

Cisco IOS and ios xe Software Denial of Service Vulnerability (CVE-2014-3327)

Release date:
Updated on:

Affected Systems:
Cisco IOS
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69066
CVE (CAN) ID: CVE-2014-3327
 
Cisco IOS is an interconnected network operating system used on most Cisco system routers and network switches.
 
The implementation of Cisco IOS and ios xe Software has a remote denial-of-service vulnerability. After successful exploitation, attackers can cause the affected device to overload and cause a denial of service to legitimate users. This vulnerability is caused by processing malformed EnergyWise UDP packets.
 
<* Source: Cisco

Link: http://tools.cisco.com/security/center/viewIpsSignature.x? SignatureId = 4541 & signatureSubId = 0
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
 
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse

This article permanently updates the link address: