Nexpose Vulnerability Database
Cisco IOS NTP Buffer Overflow
Severity |
CVSS |
Published |
Added |
Modified |
|---|---|---|---|---|
| Critical (10) | 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jun 18, 2001 | Nov 1, 2004 | Apr 8, 2011 |
Description:
By sending a carefully crafted NTP packet, it is possible to force the NTP daemon to overflow an internal buffer. Successful exploitation of this overflow will result in remote code execution.
Consult the official Cisco advisory for more information.
References:
- BID: http://www.securityfocus.com/bid/2540
- CALDERA: ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2001-013.0.txt
- CONECTIVA: http://distro.conectiva.com/atualizacoes/?id=a&anuncio=CLA-2001:392
- CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0414
- DEBIAN: http://www.debian.org/security/DSA-/DSA-045
- MANDRAKE: http://www.mandriva.com/security/advisories?name=MDKSA-2001:036
- NETBSD: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-004.txt.asc
- OSVDB: http://www.osvdb.org/displayvuln.php?osvdb_id=805
- OVAL: http://oval.mitre.org/oval/definitions/data/OVAL3831.html
- REDHAT: http://rhn.redhat.com/errata/RHSA-2001-045.html
- SUSE: http://www.novell.com/linux/security/advisories.html
- URL: http://marc.theaimsgroup.com/?l=bugtraq&m=98651866104663&w=2
- URL: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3
- XF: http://xforce.iss.net/xforce/xfdb/6321
Solution:
Upgrade to the latest version of Cisco IOS
Download and apply the upgrade from: http://www.cisco.com/univercd/cc/td/doc/product/software/
Upgrade to the latest version of Cisco IOS that your hardware supports. Upgrading IOS is often complicated by the fact that at any given time, Cisco is working on several different release trains simultaneously. Furthermore, upgrading to the latest version of IOS is not always possible without upgrading the router hardware (for example, adding memory). Consult Cisco's IOS support pages for more information the latest IOS releases. Please refer to http://www.cisco.com/warp/public/620/1.html for an explanation of the Cisco IOS versioning scheme.
It is possible to obtain custom-built IOS images via a Cisco support contract. The recommended method for obtaining updated IOS images is to record the results of the "show version" command on the router, and then to obtain a complete list of required fixes and bring this information to your Cisco support representative. Note that security fixes are not necessarily included in the latest releases -- you should specifically ask that the fixes be included in your image. Depending on your configuration, it may take several days to obtain an updated release that works for your hardware.
As of April 2011, the latest supported IOS releases are Cisco IOS 12.4 and 15.1, with the latest "T" family release being 12.4(24)T and 15.1(3)T respectively. Note: as release version 15 is considered a major upgrade, careful consideration should be made before upgrading.
Information on these pages is summary information extracted from the Nexpose Vulnerabilty Assessment system. Full details are provided within the Nexpose product for licensed users.
