Cisco Security Advisory - Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device. The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.
86c86ce647dd4d86d2f4e897f5eaf3298c3d789c2a636de21ab0d0483a2c8e91
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco IOS Software Metadata Vulnerabilities
Advisory ID: cisco-sa-20140924-metadata
Revision 1.0
For Public Release 2014 September 24 16:00 UTC (GMT)
Summary
+======
Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device.
The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition.
Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata
Note: The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link:
https://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org
iQIcBAEBAgAGBQJUIZNfAAoJEIpI1I6i1Mx3SpwP/jfNLKisT8kvgV2iMhFr0Z2w
1oOqnYmG1WWNh/yXh+uKIPeHUDSYjsW1ntAP/vnuw1Op2UDPMl1fTWe4AWo8huOf
R2cq3dCBZRfKmlhfJAGuqaramkAITwLPNsODwIHZUwXYQPrHnlZB7c/Ry8dkE+d5
ATGeGFS9nDnboAKyRFyusLarQ95X+Yukpq/BmGLXd+neuC+tz4x1PCBvQJdeqaMx
Fg2r94dg0mhzwYJ/HBLVUk4OJRYhJxUeJw7zqrB9GGZnYry+ll8qY9pSbMVpI1Yy
523Okpes5zJ1KNR+uceABj1SSpe0n+LAfqj8ekkzrZz7CQGONYEd39PSor73zKBE
1SmyUVj75hoH3rx45SQLgArvfUXkJZLeSgnstWU7DCIlD5OjxMbazq8nlU9cmD5q
gXKtPLZI8/xREwUjmmowv3ykSscxW7x0EBL/NCG+JcXmTGS26gf8SGsVfkDYIkuo
iLxrgkiuvXtq+SGLdmRnfC7Ts2m/5E1AJHW7V64yZ+tNLW4XM5cMjMtDZXTQdQHN
sQvPe8E4sFFpcSn2vi0Y5weBItr3p+QGDF5HxojPr1NLZz8bHUBWJ6kjYvDynM3C
yGXTgEI7g8vmzcfeBTZCa3Us/qDb+0DZFzt15TpUbZmcuVjcoSo3myp1+XzP7ky2
xC9OlRnpvnRWrSnAXcLe
=E9az
-----END PGP SIGNATURE-----