Cisco IOS Software Login Enhancements Login Block Denial of Service Vulnerabilities

2018-03-28T16:00:00
ID CISCO-SA-20180328-SLOGIN
Type cisco
Reporter Cisco
Modified 2018-03-28T15:20:39

Description

A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

The vulnerability is due to an attempt to free an area of memory that has not been previously allocated. An attacker could exploit this vulnerability by attempting to log in to an affected device via SSH or Telnet with invalid credentials multiple times while the administrator modifies the login block-for configuration.

This vulnerability is exploitable only if login block-for has been configured on an affected device. This feature is not enabled by default.

The CVE ID for this vulnerability is: CVE-2018-0180

The SIR for this vulnerability is: Medium

The Cisco bug ID for this vulnerability is: CSCuz60599

A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

The vulnerability is due to an attempt to free an area of memory that has not been previously allocated. An attacker could exploit this vulnerability by attempting to log in to an affected device via Secure Shell (SSH) or Telnet with invalid credentials multiple times.

This vulnerability is exploitable only if both of the following conditions are met:

- login quiet-mode access-class has been configured prior to configuring login block-for. These features are not enabled by default.
- The device has not been reloaded since that configuration occurred.

The Common Vulnerabilities and Exposures (CVE) ID for this vulnerability is: CVE-2018-0179

The Security Impact Rating (SIR) for this vulnerability is: Medium

The Cisco bug ID for this vulnerability is: CSCuy32360
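
The configuration preconditions stated above for both vulnerabilities can be checked against saved running-configs. The following Python script is an added example, not part of the Cisco advisory; the full command syntax in the patterns, the sample configurations and the status strings are assumptions, and the script does not evaluate the software release.

```python
import re

# Command syntax is assumed from IOS documentation; the advisory names only the keywords.
BLOCK_FOR = re.compile(r"^login block-for (\d+) attempts (\d+) within (\d+)$")
QUIET_ACL = re.compile(r"^login quiet-mode access-class (\S+)$")


def triage(running_config):
    """Report which advisory preconditions a saved running-config satisfies."""
    block_for, quiet_acl = None, None
    for raw in running_config.splitlines():
        line = " ".join(raw.split())          # normalise whitespace
        if not line or line.startswith("!"):  # skip blanks and comment lines
            continue
        m = BLOCK_FOR.match(line)
        if m:
            block_for = tuple(int(v) for v in m.groups())
        m = QUIET_ACL.match(line)
        if m:
            quiet_acl = m.group(1)
    findings = {"block_for": block_for, "quiet_acl": quiet_acl}
    # CVE-2018-0180: exploitable only if login block-for is configured.
    findings["CVE-2018-0180"] = "precondition met" if block_for else "precondition not met"
    # CVE-2018-0179: also needs quiet-mode access-class entered before block-for
    # and no reload since; neither is visible in a saved config, so flag for review.
    if block_for and quiet_acl:
        findings["CVE-2018-0179"] = "review: check command order and uptime"
    else:
        findings["CVE-2018-0179"] = "precondition not met"
    return findings


# Constructed sample configurations (not taken from any real device).
SAMPLE_BOTH = """\
hostname edge-rtr-01
!
login block-for 100 attempts 15 within 100
login quiet-mode access-class MGMT-ACL
"""
SAMPLE_BLOCK_ONLY = "hostname lab-sw\nlogin block-for 60 attempts 3 within 30\n"
SAMPLE_NEITHER = "hostname core-01\nline vty 0 4\n transport input ssh\n"

if __name__ == "__main__":
    for name, cfg in [("both", SAMPLE_BOTH), ("block-only", SAMPLE_BLOCK_ONLY),
                      ("neither", SAMPLE_NEITHER)]:
        print(name, triage(cfg))
```

A "review" result means the configuration alone cannot settle exposure: the order in which the two commands were entered and the time since the last reload have to be confirmed on the device.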

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

For more information about these vulnerabilities, see the Details section of this security advisory.

There are no workarounds that address both vulnerabilities.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-slogin