Test Kennung:	1.3.6.1.4.1.25623.1.0.106259
Kategorie:	CISCO
Titel:	Cisco IOS Software IKEv1 Information Disclosure Vulnerability
Zusammenfassung:	A vulnerability in IKEv1 packet processing code in Cisco IOS Software;could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the;disclosure of confidential information.
Beschreibung:	Summary: A vulnerability in IKEv1 packet processing code in Cisco IOS Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Vulnerability Insight: The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. Vulnerability Impact: A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Solution: The vendor has released updates, please see the referenced vendor advisory for more information on the fixed versions. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6415 BugTraq ID: 93003 http://www.securityfocus.com/bid/93003 Cisco Security Advisory: 20160916 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 http://www.securitytracker.com/id/1036841
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.