Title: Cisco IOS OSPF Neighbor Buffer Overflow Vulnerability

Severity: CRITICAL

Description:

A buffer overflow has been reported in the Cisco IOS implementation of the OSPF (Open Shortest Path First) routing protocol.

Cisco IOS is prone to a remotely exploitable buffer overflow condition when handling malformed OSPF packets. The overflow occurs when more than 255 OSPF neighbors are announced. This will cause a local IO memory structure on a device running the software to be corrupted, potentially with attacker-supplied data.

This may make it possible to execute malicious instructions on a device running a vulnerable version of the software. Denial of service is also possible.

This issue corresponds to Cisco Bug ID CSCdp58462.

Affected Products:

Cisco IOS 11.1
Cisco IOS 11.1(20)AA4
Cisco IOS 11.1(24a)
Cisco IOS 11.1(24b)
Cisco IOS 11.1(28a)CT
Cisco IOS 11.1(28a)IA
Cisco IOS 11.1(36)CA2
Cisco IOS 11.1(36)CC2
Cisco IOS 11.1(36)CC4
Cisco IOS 11.1.13
Cisco IOS 11.1.13AA
Cisco IOS 11.1.13CA
Cisco IOS 11.1.13IA
Cisco IOS 11.1.15AA
Cisco IOS 11.1.15CA
Cisco IOS 11.1.15IA
Cisco IOS 11.1.16AA
Cisco IOS 11.1.16IA
Cisco IOS 11.1.17CC
Cisco IOS 11.1.17CT
Cisco IOS 11.1.7AA
Cisco IOS 11.1.7CA
Cisco IOS 11.1.9IA
Cisco IOS 11.1AA
Cisco IOS 11.1CA
Cisco IOS 11.1CC
Cisco IOS 11.1CT
Cisco IOS 11.1IA
Cisco IOS 11.2
Cisco IOS 11.2(11b)T2
Cisco IOS 11.2(17)
Cisco IOS 11.2(19)GS0.2
Cisco IOS 11.2(19a)GS6
Cisco IOS 11.2(23a)BC1
Cisco IOS 11.2(26)P2
Cisco IOS 11.2(26)P2
Cisco IOS 11.2(26a)
Cisco IOS 11.2(26b)
Cisco IOS 11.2(4)
Cisco IOS 11.2(4)XA
Cisco IOS 11.2(4)XAf
Cisco IOS 11.2(8.9)SA6
Cisco IOS 11.2(9)XA
Cisco IOS 11.2.10BC
Cisco IOS 11.2.4F
Cisco IOS 11.2.4F1
Cisco IOS 11.2.8P
Cisco IOS 11.2.8SA1
Cisco IOS 11.2.8SA3
Cisco IOS 11.2.8SA5
Cisco IOS 11.2.9P
Cisco IOS 11.2.9XA
Cisco IOS 11.2BC
Cisco IOS 11.2F
Cisco IOS 11.2GS
Cisco IOS 11.2P
Cisco IOS 11.2SA
Cisco IOS 11.2WA3
Cisco IOS 11.2WA4
Cisco IOS 11.2XA
Cisco IOS 11.3
Cisco IOS 11.3(11b)
Cisco IOS 11.3(11b)T2
Cisco IOS 11.3(11c)
Cisco IOS 11.3(2)XA
Cisco IOS 11.3(7)DB1
Cisco IOS 11.3(8)DB2
Cisco IOS 11.3.11b
Cisco IOS 11.3.1ED
Cisco IOS 11.3.1T
Cisco IOS 11.3AA
Cisco IOS 11.3DA
Cisco IOS 11.3DB
Cisco IOS 11.3HA
Cisco IOS 11.3MA
Cisco IOS 11.3NA
Cisco IOS 11.3T
Cisco IOS 11.3WA4
Cisco IOS 11.3XA
Cisco IOS 12.0
Cisco IOS 12.0(10)S7
Cisco IOS 12.0(10)W5
Cisco IOS 12.0(10)W5(18f)
Cisco IOS 12.0(10)W5(18g)
Cisco IOS 12.0(10a)
Cisco IOS 12.0(11)S6
Cisco IOS 12.0(11)ST4
Cisco IOS 12.0(11a)
Cisco IOS 12.0(12)S3
Cisco IOS 12.0(12)S3
Cisco IOS 12.0(12a)
Cisco IOS 12.0(13)S6
Cisco IOS 12.0(13)W5(19c)
Cisco IOS 12.0(13)WT6(1)
Cisco IOS 12.0(13a)
Cisco IOS 12.0(14)S7
Cisco IOS 12.0(14)ST
Cisco IOS 12.0(14)ST3
Cisco IOS 12.0(14)W5(20)
Cisco IOS 12.0(14a)
Cisco IOS 12.0(15)S3
Cisco IOS 12.0(15)S6
Cisco IOS 12.0(15a)
Cisco IOS 12.0(16)S8
Cisco IOS 12.0(16)SC3
Cisco IOS 12.0(16)ST1
Cisco IOS 12.0(16)W5(21)
Cisco IOS 12.0(16.06)S
Cisco IOS 12.0(16a)
Cisco IOS 12.0(17)
Cisco IOS 12.0(17)S
Cisco IOS 12.0(17)S4
Cisco IOS 12.0(17)SL2
Cisco IOS 12.0(17)SL6
Cisco IOS 12.0(17)ST1
Cisco IOS 12.0(17)ST5
Cisco IOS 12.0(17a)
Cisco IOS 12.0(18)S
Cisco IOS 12.0(18)S5
Cisco IOS 12.0(18)ST1
Cisco IOS 12.0(18)W5(22b)
Cisco IOS 12.0(18)W5(22b)
Cisco IOS 12.0(18b)
Cisco IOS 12.0(2)XE
Cisco IOS 12.0(2)XE?
Cisco IOS 12.0(2b)
Cisco IOS 12.0(3)
Cisco IOS 12.0(3d)
Cisco IOS 12.0(4)XE
Cisco IOS 12.0(4)XE1
Cisco IOS 12.0(4)XM
Cisco IOS 12.0(4)XM1
Cisco IOS 12.0(5)T
Cisco IOS 12.0(5)T1
Cisco IOS 12.0(5)WC 2900XL-LRE
Cisco IOS 12.0(5)WC2
Cisco IOS 12.0(5)WC2
Cisco IOS 12.0(5)WC2
Cisco IOS 12.0(5)WC2b
Cisco IOS 12.0(5)WC2b
Cisco IOS 12.0(5)WC3
Cisco IOS 12.0(5)WC3
Cisco IOS 12.0(5)WC3b
Cisco IOS 12.0(5)WX
Cisco IOS 12.0(5)XE
Cisco IOS 12.0(5)XE
Cisco IOS 12.0(5)XE
Cisco IOS 12.0(5)XE?
Cisco IOS 12.0(5)XK
Cisco IOS 12.0(5)XK
Cisco IOS 12.0(5)XK2
Cisco IOS 12.0(5)XN
Cisco IOS 12.0(5)XN1
Cisco IOS 12.0(5)XS
Cisco IOS 12.0(5)XS?
Cisco IOS 12.0(5)XU
Cisco IOS 12.0(5)YB4
Cisco IOS 12.0(5.1)XP
Cisco IOS 12.0(5.2)XU
Cisco IOS 12.0(5.3)WC1
Cisco IOS 12.0(5.4)WC1
Cisco IOS 12.0(6b)
Cisco IOS 12.0(7)DB2
Cisco IOS 12.0(7)DC1
Cisco IOS 12.0(7)S1
Cisco IOS 12.0(7)SC
Cisco IOS 12.0(7)T
Cisco IOS 12.0(7)T2
Cisco IOS 12.0(7)WX5(15a)
Cisco IOS 12.0(7)XE
Cisco IOS 12.0(7)XE2
Cisco IOS 12.0(7)XF
Cisco IOS 12.0(7)XF1
Cisco IOS 12.0(7)XK
Cisco IOS 12.0(7)XK3
Cisco IOS 12.0(7)XV
Cisco IOS 12.0(7.4)S
Cisco IOS 12.0(7a)
Cisco IOS 12.0(8)
Cisco IOS 12.0(8)S1
Cisco IOS 12.0(8)S1
Cisco IOS 12.0(8.0.2)S
Cisco IOS 12.0(8.3)SC
Cisco IOS 12.0(8a)
Cisco IOS 12.0(9)
Cisco IOS 12.0(9)S
Cisco IOS 12.0(9)S8
Cisco IOS 12.0(9a)
Cisco IOS 12.0.1
Cisco IOS 12.0.1W
Cisco IOS 12.0.1XA3
Cisco IOS 12.0.1XB
Cisco IOS 12.0.1XE
Cisco IOS 12.0.2
Cisco IOS 12.0.2XC
Cisco IOS 12.0.2XD
Cisco IOS 12.0.2XF
Cisco IOS 12.0.2XG
Cisco IOS 12.0.3T2
Cisco IOS 12.0.4S
Cisco IOS 12.0.4T
Cisco IOS 12.0.7(T)
Cisco IOS 12.0DA
Cisco IOS 12.0DB
Cisco IOS 12.0DC
Cisco IOS 12.0S
Cisco IOS 12.0SC
Cisco IOS 12.0SL
Cisco IOS 12.0SP
Cisco IOS 12.0ST
Cisco IOS 12.0SX
Cisco IOS 12.0T
Cisco IOS 12.0W5
Cisco IOS 12.0WC
Cisco IOS 12.0WC
Cisco IOS 12.0WC
Cisco IOS 12.0WT
Cisco IOS 12.0WX
Cisco IOS 12.0XA
Cisco IOS 12.0XB
Cisco IOS 12.0XC
Cisco IOS 12.0XD
Cisco IOS 12.0XE
Cisco IOS 12.0XF
Cisco IOS 12.0XG
Cisco IOS 12.0XH
Cisco IOS 12.0XI
Cisco IOS 12.0XJ
Cisco IOS 12.0XK
Cisco IOS 12.0XL
Cisco IOS 12.0XM
Cisco IOS 12.0XN
Cisco IOS 12.0XP
Cisco IOS 12.0XQ
Cisco IOS 12.0XR
Cisco IOS 12.0XS
Cisco IOS 12.0XU
Cisco IOS 12.0XV
Cisco IOS 12.0XW

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.

J-Security Center

Title: Cisco IOS OSPF Neighbor Buffer Overflow Vulnerability

Severity: CRITICAL

Description:

Affected Products: