EUVD-2013-1186

Malware in sbrugna...

Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client

Update: 4/9 Cisco PSIRT has released additional guidance available here. Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Several incidents in multiple countries, including some specifical...

Cisco Smart Install - Crash (PoC)

smiibcinitdiscoveryBoF.py import socket import struct from optparse import OptionParser Parse the target options parser = OptionParser parser.addoption"-t", "--target", dest="target", help="Smart Install Client", default="192.168.1.1" parser.addoption"-p", "--port", dest="port", type="int",...

PT-2018-1189 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: The issue is related to the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software, where improper validation of packet data could allow ...

CVE-2016-6385

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service memory consumption via crafted image-list parameters, aka Bug ID CSCuy82367...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system’s Smart Install client implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure device reboot through the list of image parameters created by the Smart Install...