====================================================================

                             CERT-Renater

                  Note d'Information No. 2012/VULN391
____________________________________________________________________

DATE                : 27/09/2012

HARDWARE PLATFORM(S): Cisco Catalyst 4500E Series Switch with
                            Supervisor Engine 7L-E.

OPERATING SYSTEM(S) : Cisco IOS XE versions 03.02.00.XO.15.0(2)XO.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc

______________________________________________________________________

Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine
7L-E Denial of Service Vulnerability

Advisory ID: cisco-sa-20120926-ecc

Revision 1.0

For Public Release 2012 September 26 16:00  UTC (GMT)
+---------------------------------------------------------------------

Summary
=======

The Catalyst 4500E series switch with Supervisor Engine 7L-E contains
a denial of service (DoS) vulnerability when processing specially
crafted packets that can cause a reload of the device.

Cisco has released free software updates that address this
vulnerability.

Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc


Note: The September 26, 2012, Cisco IOS Software Security Advisory
bundled publication includes 9 Cisco Security Advisories. Eight of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS
Software releases that correct the vulnerability or vulnerabilities
detailed in the advisory as well as the Cisco IOS Software releases
that correct all Cisco IOS Software vulnerabilities in the September
2012 bundled publication.

Individual publication links are in "Cisco Event Response: Semi-Annual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html

======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
+ 75013 Paris           | email: certsvp@renater.fr     +
=========================================================