ID de Prueba:	1.3.6.1.4.1.25623.1.0.106260
Categoría:	CISCO
Título:	Cisco IOS XE Software IKEv1 Information Disclosure Vulnerability
Resumen:	A vulnerability in IKEv1 packet processing code in Cisco IOS XE Software;could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure;of confidential information.
Descripción:	Summary: A vulnerability in IKEv1 packet processing code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Vulnerability Insight: The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. Vulnerability Impact: A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Solution: The vendor has released updates, please see the referenced vendor advisory for more information on the fixed versions. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6415 BugTraq ID: 93003 http://www.securityfocus.com/bid/93003 Cisco Security Advisory: 20160916 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 http://www.securitytracker.com/id/1036841
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.