ID de Prueba:	1.3.6.1.4.1.25623.1.0.106297
Categoría:	CISCO
Título:	Cisco IOS Software DNS Forwarder Denial of Service Vulnerability
Resumen:	A vulnerability in the DNS forwarder functionality of Cisco IOS Software;could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present;in the device's local DNS cache, or read part of the process memory.
Descripción:	Summary: A vulnerability in the DNS forwarder functionality of Cisco IOS Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. Vulnerability Insight: The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by intercepting and crafting a DNS response message to a client DNS query that was forwarded from the affected device to a DNS server. Vulnerability Impact: A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Solution: See the referenced vendor advisory for a solution. CVSS Score: 8.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6380 BugTraq ID: 93201 http://www.securityfocus.com/bid/93201 Cisco Security Advisory: 20160928 Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 http://www.securitytracker.com/id/1036914
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.