Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability

Bugtraq ID:	52027
Class:	Design Error
CVE:	CVE-2012-0352
Remote:	Yes
Local:	No
Published:	Feb 15 2012 12:00AM
Updated:	Feb 17 2012 05:20PM
Credit:	Cisco
Vulnerable:	Cisco NX-OS 5.1(1) Cisco NX-OS 5.1(1) Cisco NX-OS 5.0(2) Cisco NX-OS 5.0(0.54) Cisco NX-OS 5.0 Cisco NX-OS 4.2.1 Cisco NX-OS 4.2(6) Cisco NX-OS 4.2(5) Cisco NX-OS 4.2(4) Cisco NX-OS 4.2(3) Cisco NX-OS 4.2(2) Cisco NX-OS 4.2(1)N2(1) Cisco NX-OS 4.1(4) Cisco NX-OS 4.1(3)N2(1a) Cisco NX-OS 4.1(1)N2(1) Cisco NX-OS 4.0(1a)N2(1) Cisco NX-OS 0 Cisco Nexus 7000 0 Cisco Nexus 5000 0 Cisco Nexus 1000V 0
Not Vulnerable:	Cisco NX-OS 5.1.1 Cisco NX-OS 5.0.5 Cisco NX-OS 5.0(2)N1(1) Cisco NX-OS 4.2.8 Cisco NX-OS 4.2(1)SV1(5.1)

Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability

Multiple Cisco Nexus devices are prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause the device to crash, denying service to legitimate users.

The following devices are affected:

Cisco Nexus 1000V
Cisco Nexus 5000
Cisco Nexus 7000

This issue is documented by Cisco Bug IDs CSCti23447, CSCti49507, and CSCtj01991.

Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability

To exploit this issue, attackers can use readily available network utilities.

Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability

Solution:
The vendor has released updates. Please see the referenced advisory for details.

Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability

References:

• Cisco Nexus 1000V Series Switches Homepage (Cisco)
  
• Cisco Nexus 5000 Series Switches Homepage (Cisco)
  
• Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (Cisco)