EUVD-2017-3809

Malware in sbrugna...

CVE-2024-20311

A vulnerability in the Locator ID Separation Protocol LISP feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit...

The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a service failure.

The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to uncontrolled recursion during the processing of LISP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2017-12236

Cisco IOS XE LISP Authentication Bypass (CVE-2017-12236) affects IOS XE 3.2–16.5 when acting as an IPv4/IPv6 map server. A logic regression allows an unauthenticated attacker to bypass EID→RLOC registration checks by sending crafted map-registration requests, potentially injecting invalid EID map...

Cisco IOS XE Software Authentication Bypass Vulnerability

Cisco IOS XE is an operating system developed by the American company Cisco Cisco for its network equipment. A security vulnerability exists in the implementation of the Locator/ID Separation Protocol LISP in Cisco IOS XE. A remote attacker could exploit this vulnerability to bypass authenticatio...

Cisco NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability (cisco-sa-20160323-lisp)

A vulnerability in the Locator/ID Separation Protocol LISP of Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device. Copyright C 2016...

Cisco NX-OS Malformed LISP Packet DoS (CSCuv11993)

The version of Cisco NX-OS software running on the remote device is affected by a denial of service vulnerability in the implementation of the Locator/ID Separation Protocol LISP due to improper input validation when a malformed LISP packet is received. An unauthenticated, remote attacker can...

Design/Logic Flaw

The Locator/ID Separation Protocol LISP implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service device reload via a crafted header in a packet, aka Bug ID CSCuu64279...

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to create a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply...

Cisco IOS LISP ITR DoS (CSCun73782)

The remote Cisco device is potentially affected by an issue related to the handling of certain parameters in Locator/ID Separation Protocol LISP control messages sent to the ingress tunnel router ITR component. A remote, unauthenticated attacker could exploit this issue by sending specially craft...

Design/Logic Flaw

The Locator/ID Separation Protocol LISP implementation in Cisco IOS 15.33S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service CEF outage and packet drops via malformed messages, aka Bug ID CSCun73782...