PT-2016-7468 · Brocade · Brocade Netiron
Published
2016-10-31
·
Updated
2017-07-29
·
CVE-2016-8203
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Brocade NetIron OS versions 5.8.00 through 5.8.00e
Brocade NetIron OS versions 5.9.00 through 5.9.00bd
Brocade NetIron OS version 6.0.00
Brocade NetIron OS version 6.0.00a
Description
A memory corruption issue in the IPsec code path could allow attackers to cause a denial of service, resulting in a line card reset, via certain constructed IPsec control packets.
Recommendations
For Brocade NetIron OS versions 5.8.00 through 5.8.00e, update to a version outside of this range to resolve the issue.
For Brocade NetIron OS versions 5.9.00 through 5.9.00bd, update to a version outside of this range to resolve the issue.
For Brocade NetIron OS version 6.0.00, update to a version outside of this range to resolve the issue.
For Brocade NetIron OS version 6.0.00a, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting IPsec control packet traffic to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Brocade Netiron