CiscoIOS远程拒绝服务漏洞

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

漏洞信息

Cisco IOS是一款流行的网络操作系统。

Cisco IOS Stack Group Bidding Protocol (SGBP)机制不正确处理SGBP协议,远程攻击者可以利用漏洞对设备进行拒绝服务攻击。

SGBP协议是多机架多链路点到点协议(MMP)实现,Cisco IOS的SGBP实现在处理畸形UDP包时存在问题,发送恶意UDP包当9900端口可导致设备挂起并停止响应。造成拒绝服务攻击。

用户可根据如下的命令查看是否起用SGBP协议:

* 系统支持但没有起用SGBP将返回如下信息:

Router#show sgbp

Router#

* 系统不支持SGBP将返回如下错误消息:

Router#show sgbp

Router#show sgbp

% Invalid input detected at '^' marker.

厂商解决方案

可参考供给商的如下链接获得补丁信息:

http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.sHtml

漏洞提供者

Cisco

漏洞消息链接

http://marc.theaimsgroup.com/?l=bugtraq&m=113761985600401&w=2

漏洞消息标题

Cisco Security Advisory: IOS Stack Group Bidding Protocol Crafted Packet DoS

BUGTRAQ ID: 16303

CNCAN ID:CNCAN-2006011903

漏洞消息时间:2006-01-18

漏洞起因

异常条件处理失败错误

影响系统

Cisco IOS 12.4 XB

Cisco IOS 12.4 XA

Cisco IOS 12.4 T

Cisco IOS 12.4 MR

Cisco IOS 12.4

Cisco IOS 12.3 YX

Cisco IOS 12.3 YU

Cisco IOS 12.3 YT

Cisco IOS 12.3 YQ

Cisco IOS 12.3 YM

Cisco IOS 12.3 YK

Cisco IOS 12.3 YJ

Cisco IOS 12.3 YG

Cisco IOS 12.3 YF

Cisco IOS 12.3 XW

Cisco IOS 12.3 XU

Cisco IOS 12.3 XQ

Cisco IOS 12.3 XM

Cisco IOS 12.3 XJ

Cisco IOS 12.3 XI

Cisco IOS 12.3 XH

Cisco IOS 12.3 XF

Cisco IOS 12.3 XD

Cisco IOS 12.3 XB

Cisco IOS 12.3 T

Cisco IOS 12.3 BW

Cisco IOS 12.3 BC

Cisco IOS 12.3 B

Cisco IOS 12.3

Cisco IOS 12.2 ZN

Cisco IOS 12.2 ZJ

Cisco IOS 12.2 ZE

Cisco IOS 12.2 ZD

Cisco IOS 12.2 ZB

Cisco IOS 12.2 ZA

Cisco IOS 12.2 YZ

Cisco IOS 12.2 YY

Cisco IOS 12.2 YX

Cisco IOS 12.2 YW

Cisco IOS 12.2 YT

QQread.com

推出各大专业服务器评测 Linux服务器的安全性能

SUN服务器

HP服务器

DELL服务器

IBM服务器

联想服务器

浪潮服务器

曙光服务器

同方服务器

华硕服务器

宝德服务器

Cisco IOS 12.2 YN

Cisco IOS 12.2 YE

Cisco IOS 12.2 YD

Cisco IOS 12.2 XV

Cisco IOS 12.2 XT

Cisco IOS 12.2 XS

Cisco IOS 12.2 XL

Cisco IOS 12.2 XK

Cisco IOS 12.2 XG

Cisco IOS 12.2 XF

Cisco IOS 12.2 XC

Cisco IOS 12.2 XB

Cisco IOS 12.2 XA

Cisco IOS 12.2 T

Cisco IOS 12.2 SZ

Cisco IOS 12.2 SY

Cisco IOS 12.2 SU

Cisco IOS 12.2 S

Cisco IOS 12.2 MC

Cisco IOS 12.2 DX

Cisco IOS 12.2 DD

Cisco IOS 12.2 CX

Cisco IOS 12.2 BY

Cisco IOS 12.2 BW

Cisco IOS 12.2 BC

Cisco IOS 12.2 B

Cisco IOS 12.2

Cisco IOS 12.1 YD

Cisco IOS 12.1 YB

Cisco IOS 12.1 YA

Cisco IOS 12.1 XZ

Cisco IOS 12.1 XY

Cisco IOS 12.1 XX

Cisco IOS 12.1 XW

Cisco IOS 12.1 XU

Cisco IOS 12.1 XS

Cisco IOS 12.1 XQ

Cisco IOS 12.1 XM

Cisco IOS 12.1 XL

Cisco IOS 12.1 XI

Cisco IOS 12.1 XH

Cisco IOS 12.1 XD

Cisco IOS 12.1 XA

Cisco IOS 12.1 T

Cisco IOS 12.1 GB

Cisco IOS 12.1 GA

Cisco IOS 12.1 EZ

Cisco IOS 12.1 EX

Cisco IOS 12.1 EC

Cisco IOS 12.1 E

Cisco IOS 12.1 AA

Cisco IOS 12.1

Cisco IOS 12.0 XR

Cisco IOS 12.0 XN

Cisco IOS 12.0 XL

Cisco IOS 12.0 XK

Cisco IOS 12.0 XJ

Cisco IOS 12.0 XI

Cisco IOS 12.0 XH

Cisco IOS 12.0 XG

Cisco IOS 12.0 XE

Cisco IOS 12.0 XD

Cisco IOS 12.0 XC

Cisco IOS 12.0 XA

Cisco IOS 12.0 T

Cisco IOS 12.0 SC

Cisco IOS 12.0 S

Cisco IOS 12.0

危害

远程攻击者可以利用漏洞对设备进行拒绝服务攻击。

攻击所需条件

攻击者必须访问Cisco IOS。

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航