=====================================================================
                            CERT-Renater

                 Information Note No. 2018/VULN163
_____________________________________________________________________

DATE                : 19/04/2018

HARDWARE PLATFORM(S): Cisco Firepower 2100 Series Security Appliances.

OPERATING SYSTEM(S) : Cisco Firepower Threat Defense (FTD) Software.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100
_____________________________________________________________________

Cisco Security Advisory: Cisco Firepower 2100 Series Security
Appliances IP Fragmentation Denial of Service Vulnerability

Advisory ID: cisco-sa-20180418-fp2100

Revision: 1.0

For Public Release: 2018 April 18 16:00 GMT

Last Updated: 2018 April 18 16:00 GMT

CVE ID(s): CVE-2018-0230

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the internal packet-processing functionality of
Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100
Series Security Appliances could allow an unauthenticated, remote
attacker to cause an affected device to stop processing traffic,
resulting in a denial of service (DoS) condition.

The vulnerability is due to the affected software improperly
validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after
the software reassembles the packets. An attacker could exploit this
vulnerability by sending a series of malicious, fragmented IPv4 or
IPv6 packets to an affected device. A successful exploit could allow
the attacker to cause Snort processes on the affected device to hang
at 100% CPU utilization, which could cause the device to stop
processing traffic and result in a DoS condition until the device is
reloaded manually.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100

==========================================================
+ CERT-RENATER          | tel  : 01-53-94-20-44          +
+ 23 - 25 Rue Daviel    | fax  : 01-53-94-20-41          +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================