Cisco Firepower System Software CVE-2016-6368 Denial of Service Vulnerability
by CIRT Team
Description: The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.
Related CVE: CVE-2016-6368
Impact: A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. Following versions are affected:
- Cisco Virtual Next-Generation Intrusion Prevention System (NGIPSv) 0
- Cisco Sourcefire 3D System Appliances 0
- Cisco Industrial Security Appliance 3000 0
- Cisco FirePOWER Threat Defense for Integrated Services Routers 0
- Cisco Firepower System Software 0
- Cisco FirePOWER Management Center 6.0
- Cisco Firepower 9300 Series Security Appliances 0
- Cisco FirePOWER 8000 Series Appliances 0
- Cisco FirePOWER 7000 Series Appliances 0
- Cisco Firepower 4100 Series Security Appliances 0
- Cisco Advanced Malware Protection (AMP) for Networks 8000 Series Appli 0
- Cisco Advanced Malware Protection (AMP) for Networks 7000 Series Appli 0
- Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER S 0
- Cisco Adaptive Security Appliance (ASA) 5500-X Series Next-Generation 0
Mitigation: Cisco has released software updates that addresses this vulnerability.
Reference URL’s:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort
- http://www.securityfocus.com/bid/97932
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
