Vulnerabilities > CVE-2012-0352 - Resource Management Errors vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | Bugtraq ID: 52027 CVE ID:CVE-2012-0352 Cisco Nexus系列交换机是数据中心级交换机。采用Cisco Nexus OS操作系统 当操作系统IP栈处理畸形IP报文和从报文中获取第四层(UDP或TCP)信息时Cisco NX-OS软件受拒绝服务漏洞影响,可导致运行受此漏洞影响软件的Cisco Nexus 1000v, 5000和7000系列交换机重载 通过设备(过境)通信和到设备的通信都能触发此漏洞 0 Cisco Nexus 7000 Cisco Nexus 5000 Cisco Nexus 1000V 厂商解决方案 Cisco ----- 用户可参考如下供应商提供的安全公告获得补丁信息: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120215-nxos |
| id | SSV:30128 |
| last seen | 2017-11-19 |
| modified | 2012-02-16 |
| published | 2012-02-16 |
| reporter | Root |
| title | Cisco Nexus设备IP栈远程拒绝服务漏洞 |