CVE-2017-6770 Cisco IOS OSPF LSA Manipulation Vulnerability (cisco-sa-20170727-ospf)

漏洞类别:Cisco

漏洞等级:

漏洞信息

Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic.
The attacker could exploit this vulnerability by injecting crafted OSPF packets.

漏洞危害

Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

解决方案

Patch:
Following are links for downloading patches to fix the vulnerabilities:

cisco-sa-20170727-ospf

Leave a Reply