Cisco IOS XE Software for 1000 Series Aggregation Services Routers Fragmented Packet DoS

Severity: High | Nessus Plugin ID 85255

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The version of Cisco IOS XE software running on the remote Cisco 1000 Series Aggregation Services Router (ASR) is affected by a denial of service vulnerability in the Embedded Services Processor (ESP) due to a flaw in handling the reassembly of fragmented IPv4 or IPv6 packets.
A remote, unauthenticated attacker, by sending a crafted sequence of fragmented packets, can exploit this vulnerability to cause the ESP to crash, leading to a reload of the affected platform.

Solution

Apply the relevant patch referenced in the Cisco Security Advisory.

See Also

https://tools.cisco.com/bugsearch/bug/CSCtd72617

http://www.nessus.org/u?ad3007fa

https://tools.cisco.com/security/center/viewAlert.x?alertId=40212

Plugin Details

Severity: High

ID: 85255

File Name: cisco-sa-20150730-asr1000-iosxe.nasl

Version: 1.8

Type: local

Family: CISCO

Published: 8/6/2015

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version, Host/Cisco/IOS-XE/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 7/30/2015

Vulnerability Publication Date: 7/30/2015

Reference Information

CVE: CVE-2015-4291

CISCO-SA: cisco-sa-20150730-asr1k

CISCO-BUG-ID: CSCtd72617