Buffer overflow

2019-09-2521:15:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.

CPENameOperatorVersion
ioseq16.6.4
ioseq16.9.1
ioseq>= 3.16.8s AND < 16.3.8
ioseq16.6.5
ioseq16.9.2
iosge16.10.1
ioslt16.11.1

Name	Operator	Version
ios	eq	16.6.4
ios	eq	16.9.1
ios	eq	>= 3.16.8s AND < 16.3.8
ios	eq	16.6.5
ios	eq	16.9.2
ios	ge	16.10.1
ios	lt	16.11.1

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp