====================================================================

                              CERT-Renater

                 Note d'Information No. 2017/VULN198
_____________________________________________________________________

DATE                : 30/06/2017

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco IOS, CISCO IOS XE.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
____________________________________________________________________

Cisco Security Advisory: SNMP Remote Code Execution Vulnerabilities in
Cisco IOS and IOS XE Software

Advisory ID: cisco-sa-20170629-snmp

Revision: 1.0

For Public Release: 2017 June 29 16:00 GMT

Last Updated: 2017 June 29 16:00 GMT

CVE ID(s): CVE-2017-6736, CVE-2017-6737, CVE-2017-6738, CVE-2017-6739,
CVE-2017-6740, CVE-2017-6741, CVE-2017-6742, CVE-2017-6743,
CVE-2017-6744

CVSS Score v(3): 8.8/8.2
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

+---------------------------------------------------------------------

Summary
=======
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS
and IOS XE Software contains multiple vulnerabilities that could allow
an authenticated, remote attacker to remotely execute code on an
affected system or cause an affected system to reload. An attacker
could exploit these vulnerabilities by sending a crafted SNMP packet to
an affected system via IPv4 or IPv6. Only traffic directed to an
affected system can be used to exploit these vulnerabilities.

The vulnerabilities are due to a buffer overflow condition in the SNMP
subsystem of the affected software. The vulnerabilities affect all
versions of SNMP Versions 1, 2c, and 3. To exploit these
vulnerabilities via SNMP Version 2c or earlier, the attacker must know
the SNMP read-only community string for the affected system. To exploit
these vulnerabilities via SNMP Version 3, the attacker must have user
credentials for the affected system. A successful exploit could allow
the attacker to execute arbitrary code and obtain full control of the
affected system or cause the affected system to reload.

Cisco will release software updates that address these vulnerabilities.
There are workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp"]

==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================