漏洞银行丨0daybank

0DayBank一个专门收集整理全球互联网漏洞的公开发布网站
  1. 首页
  2. CVE
  3. 正文

Cisco IOS IKEv1 Information Disclosure Vulnerability (cisco-sa-20160916-ikev1)

2016-09-20 1241点热度 0人点赞 0条评论

漏洞类别:Cisco

漏洞等级:

漏洞信息

A vulnerability in IKEv1 packet processing code in Cisco IOS Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.
The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests.

漏洞危害

An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

解决方案

Refer to Cisco advisory cisco-sa-20160916-ikev1 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

cisco-sa-20160916-ikev1: Cisco IOS

0day

标签: 暂无
最后更新:2016-10-22

admin

这个人很懒,什么都没留下

点赞
< 上一篇
下一篇 >

文章评论

您需要 登录 之后才可以评论

COPYRIGHT © 2021 0daybank.org. ALL RIGHTS RESERVED.

Theme Kratos Made By Seaton Jiang