Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System

From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
To: bugtraq@securityfocus.com
Cc: psirt@cisco.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System
Date:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System

Advisory ID: cisco-sa-20140924-mdns

Revision 1.0

For Public Release 2014 September 24 16:00  UTC (GMT)

Summary
+======

The Cisco IOS Software implementation of the multicast Domain Name System (mDNS) feature contains the following vulnerabilities when processing mDNS packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:

Cisco IOS Software mDNS Gateway Memory Leak Vulnerability
Cisco IOS Software mDNS Gateway Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns

Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html



-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJUIZNeAAoJEIpI1I6i1Mx3euMP/0ptD3acwXkieo5NTQEYXU2L
cMlnxkTZnXzzjkGAcy0eJKhHAh9JI0FU5DcEVmMbTd7qXnm2sixFYR27dxMCJBaG
Quj5RgGGz2KUFNGO87+JX8zw8yBKyknN8eO7njBb6c99UHAv/GVZAjnwcDEbRM3L
G7/C7S7ZVkk8w63U46CsVV5eaGj2RQnbZx3jYNhPKjZnCc/MQSM87nnTuR8RjkCm
wlrReK6BjxtJ13R3o2NmWzSJWSsc8N81pvIooJdaBCqlGZ4e/j06Z5+S5CF3DGiJ
xJvEdKGdvLRo14hUtQLJ8Vx8bJMkHBdr7Bernmca/8AIeXEMdc61ZGs8bS72Magh
JbiJIT7B3jQXdjzQpQ/mHKNoghkI302g3H6egrtsCBWr+lepEIfmHLf4h0LueqWh
pVQPqXWAGg+5AR1ABvP+mwtQuz/psboXpacMM8keZ2a/6uS82tf3lTXR/8zBd+Om
sGbhBYIkO67Cp/Zn2CNY1v9Pg8f4tNAkATazg2Mvt4QfOlRUFRYBdyV2LZLSDCJ4
9/Pw8s7pLMMFpt90pBzIBUY+FsiGkWoHduMO7/O93Zw4Y2n2vnRYFkyuFQFphBuO
M2Yb20vqO9tsELTt0MDmdfXf40HhhAUF6zbw6fWa4SCV4CwZn6h8eAZttsqQQqxl
cdgZjAsAV5dsoejxk0LC
=7Kkh
-----END PGP SIGNATURE-----





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.