
====================================================================

                             CERT-Renater

                Note d'Information No. 2016/VULN087
_____________________________________________________________________

DATE                : 03/03/2016

HARDWARE PLATFORM(S): Cisco Nexus Platform Switches versions 5500, 5600,
                                      6000.

OPERATING SYSTEM(S): Cisco NX-OS Software.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp
_____________________________________________________________________

Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability

Advisory ID: cisco-sa-20160302-n5ksnmp

Revision 1.0

For Public Release 2016 March 02 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the Simple Network Management Protocol (SNMP) input
packet processor of Cisco Nexus 5500 Platform Switches, Cisco Nexus
5600 Platform Switches, and Cisco Nexus 6000 Series Switches running
Cisco NX-OS Software could allow an unauthenticated, remote attacker to
cause the SNMP application on an affected device to restart
unexpectedly.

The vulnerability is due to improper validation of SNMP Protocol Data
Units (PDUs) in SNMP packets. An attacker could exploit this
vulnerability by sending a crafted SNMP packet to an affected device,
which could cause the SNMP application on the device to restart. A
successful exploit could allow the attacker to cause the SNMP
application to restart multiple times, leading to a system-level
restart and a denial of service (DoS) condition.

Cisco released software updates that address this vulnerability. There
are no workarounds that address this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp


==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================