#VU6162 Denial of service in Cisco IOS - CVE-2017-3857

Cybersecurity Help s.r.o.

Published: 2017-03-23

Vulnerability identifier: #VU6162

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-3857

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS
Operating systems & Components / Operating system

Vendor:
Cisco Systems, Inc

Description
The vulnerability allows a remote attacker to cause DoS conditions.

The vulnerability exists in the Layer 2 Tunneling Protocol (L2TP) parsing function due to insufficient validation of L2TP packets . An attacker can send a specially crafted L2TP packet and cause the affected device to reload.

Successful exploitation of the vulnerability results in denial of service on the vulnerable device.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco IOS: 12.0, 12.1, 12.2 - 12.2.33, 12.3, 12.4, 15.0, 15.1, 15.2E - 15.2(5c)E, 15.3S - 15.3, 15.4S - 15.4, 15.5S - 15.5.3 S2.9, 15.6S - 15.6.2 SP

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-l2tp

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Cisco IOS/IOS XE