=====================================================================

                           CERT-Renater

               Note d'Information No. 2013/VULN320
_____________________________________________________________________

DATE                : 02/08/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco software implementing OSPF LSA protocol,
                   Cisco IOS Software, Cisco IOS-XE Software,
                   Cisco ASA Software, Cisco PIX Software,
                   Cisco FWSM Software, Cisco NX-OS Software,
                   Cisco StarOS Software.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf
______________________________________________________________________

Cisco Security Advisory: OSPF LSA Manipulation Vulnerability in Multiple
Cisco Products

Advisory ID: cisco-sa-20130801-lsaospf

Revision 1.0

For Public Release 2013 August 1 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Multiple Cisco products are affected by a vulnerability involving the
Open Shortest Path First (OSPF) Routing Protocol Link State
Advertisement (LSA) database. This vulnerability could allow an
unauthenticated attacker to take full control of the OSPF Autonomous
System (AS) domain routing table, blackhole traffic, and intercept
traffic.

The attacker could trigger this vulnerability by injecting crafted OSPF
packets. Successful exploitation could cause flushing of the routing
table on a targeted router, as well as propagation of the crafted OSPF
LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine
certain parameters within the LSA database on the target router. This
vulnerability can only be triggered by sending crafted unicast or
multicast LSA type 1 packets. No other LSA type packets can trigger
this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path
First (FSPF) protocol is not affected by this vulnerability.

Cisco IOS-XE Software
Cisco has released free software updates that address this
vulnerability. Workarounds that mitigate this vulnerability are
available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf

======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================