CVE-2016-6382 - Resource Management Errors vulnerability in Cisco IOS and IOS XE
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: NONE
- Confidentiality impact: NONE
- Integrity impact: NONE
- Availability impact: HIGH
Summary
Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.
Nessus
- NASL family: CISCO
- NASL id: CISCO-SA-20160928-MSDP-IOSXE.NASL
- description: According to its self-reported version number and configuration, the remote Cisco IOS XE device is affected by multiple denial of service vulnerabilities:
  - A denial of service vulnerability exists due to improper validation of packets encapsulated in a PIM register message. An unauthenticated, remote attacker can exploit this, by sending an IPv6 PIM register packet to a PIM rendezvous point (RP), to cause the device to restart. (CVE-2016-6382)
  - A denial of service vulnerability exists in the IPv4 Multicast Source Discovery Protocol (MSDP) implementation due to improper validation of Source-Active (SA) messages received from a configured MSDP peer. An unauthenticated, remote attacker can exploit this to cause the device to restart. (CVE-2016-6392)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 93898
- published: 2016-10-07
- reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/93898
- title: Cisco IOS XE Multicast Routing Multiple DoS (cisco-sa-20160928-msdp)

- NASL family: CISCO
- NASL id: CISCO-SA-20160928-MSDP.NASL
- description: According to its self-reported version number and configuration, the remote Cisco IOS device is affected by multiple denial of service vulnerabilities:
  - A denial of service vulnerability exists due to improper validation of packets encapsulated in a PIM register message. An unauthenticated, remote attacker can exploit this, by sending an IPv6 PIM register packet to a PIM rendezvous point (RP), to cause the device to restart. (CVE-2016-6382)
  - A denial of service vulnerability exists in the IPv4 Multicast Source Discovery Protocol (MSDP) implementation due to improper validation of Source-Active (SA) messages received from a configured MSDP peer. An unauthenticated, remote attacker can exploit this to cause the device to restart. (CVE-2016-6392)
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 93899
- published: 2016-10-07
- reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/93899
- title: Cisco IOS Multicast Routing Multiple DoS (cisco-sa-20160928-msdp)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp
- http://www.securityfocus.com/bid/93211
- http://www.securitytracker.com/id/1036914
- https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04