Test ID:	1.3.6.1.4.1.25623.1.0.106340
Category:	CISCO
Title:	Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability (cisco-sa-20161005-otv)
Summary:	A vulnerability in the Overlay Transport Virtualization (OTV); generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series; Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected; system or to remotely execute code.
Description:	Summary: A vulnerability in the Overlay Transport Virtualization (OTV) generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code. Vulnerability Insight: The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. Vulnerability Impact: An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the OTV related process on the affected device. Solution: See the referenced vendor advisory for a solution. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1453 BugTraq ID: 93409 http://www.securityfocus.com/bid/93409 Cisco Security Advisory: 20161005 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv http://www.securitytracker.com/id/1036946
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.