Cisco IOS and ios xe Software Denial of Service Vulnerability (CVE-2015-0681)
Cisco IOS and ios xe Software Denial of Service Vulnerability (CVE-2015-0681)
Release date:
Updated on:
Affected Systems:
Cisco IOS
Description:
Bugtraq id: 75995
CVE (CAN) ID: CVE-2015-0681
Cisco IOS is an interconnected network operating system used on most Cisco system routers and network switches.
The TFTP server of Cisco IOS and Cisco ios xe Software has a security vulnerability. unauthenticated remote attackers can exploit this vulnerability to cause heavy load or suspension of devices. This vulnerability is caused by memory management errors when processing TFTP requests.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20150722-tftp) and patches for this:
Cisco-sa-20150722-tftp: Cisco IOS Software TFTP Server Denial of Service Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp
This article permanently updates the link address: