一、 漏洞 CVE-2018-0136 基础信息
漏洞标题
N/A
来源:AIGC 神龙大模型
漏洞描述信息
Cisco 聚合服务路由器(ASR)9000系列中Cisco IOS XR软件释放5.3.4的IPv6子系统的一个漏洞可能导致未验证的远程攻击者触发一个或多个Trident基于Line卡的重载,导致拒绝服务(DoS)状态。该漏洞是由于错误处理具有破碎头扩展的IPv6 packets引起的。攻击者可以通过向或通过基于Trident的Line卡发送旨在触发问题的IPv6 packets来利用此漏洞。成功利用可能会导致攻击者触发基于Trident的Line卡的重载,导致Line卡在重启过程中产生DoS。当以下条件满足时,该漏洞会影响Cisco 聚合服务路由器(ASR)9000系列:路由器正在运行Cisco IOS XR软件释放5.3.4,路由器已安装具有IPv6配置的Trident基于Line卡。已提供软件维护升级(SMU),解决了此漏洞。该修复已被纳入Cisco IOS XR软件释放5.3.4的服务包7中。Cisco Bug ID:CSCvg46800。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
来源:AIGC 神龙大模型
漏洞类别
N/A
来源:AIGC 神龙大模型
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
输入验证不恰当
来源:美国国家漏洞数据库 NVD
漏洞标题
Cisco Aggregation Services Router 9000 Series Cisco IOS XR Software 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Cisco Aggregation Services Router(ASR)9000 Series是美国思科(Cisco)公司的9000系列无线控制器产品。Cisco IOS XR Software是其中的一套模块化、分布式的网络操作系统。 Cisco Aggregation Services Router (ASR) 9000 Series中的Cisco IOS XR Software 5.3.4版本的IPv6子系统存在拒绝服务漏洞,该漏洞源于程序没有正确的处理IPv6数据包。当路由器安装有基于Trid
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2018-0136 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2018-0136 的情报信息