CVE-2016-6441
published 2016-11-03CVE-2016-6441: A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of…
PriorityP263critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
4.90%
91.0th percentile
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers (ASR902, ASR903, and ASR907) that are running the following releases of Cisco IOS XE Software: 3.17.0S 3.17.1S 3.17.2S 3.18.0S 3.18.1S. More Information: CSCuy15175. Known Affected Releases: 15.6(1)S 15.6(2)S. Known Fixed Releases: 15.6(1)S2.12 15.6(1.17)S0.41 15.6(1.17)SP 15.6(2)SP 16.4(0.183) 16.5(0.10).
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | asr_900_series_aggregation_services_routers | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for malformed/malicious inbound requests to the TL1 port on Cisco ASR 900 Series devices (ASR902, ASR903, ASR907); unexpected device reloads may indicate exploitation attempts. ↗
- →The vulnerability is triggered by incomplete bounds checks on input data; look for oversized or malformed TL1 input payloads targeting ASR 900 series routers. ↗
- →Track Cisco bug ID CSCuy15175 for patch status and additional indicators associated with this vulnerability. ↗
- ·Affected IOS XE releases are 3.17.0S, 3.17.1S, 3.17.2S, 3.18.0S, and 3.18.1S on ASR902, ASR903, and ASR907 devices; verify device model and software version before applying detections. ↗
- ·Workarounds exist for this vulnerability in addition to software updates; consult the Cisco advisory for workaround details to reduce exposure of the TL1 port. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g5ff-5f8x-677m: A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a re
ghsa_unreviewed·2022-05-17
CVE-2016-6441 [CRITICAL] CWE-119 GHSA-g5ff-5f8x-677m: A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a re
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers (ASR902, ASR903, and ASR907) that are running the following releases of Cisco IOS XE Software: 3.17.0S 3.17.1S 3.17.2S 3.18.0S 3.18.1S. More Information: CSCuy15175. Known Affected Releases: 15.6(1)S 15.6(2)S. Known Fixed Releases: 15.6(1)S2.12 15.6(1.17)S0.41 15.6(1.17)SP 15.6(2)SP 16.4(0.183) 16.5(0.10).
Cisco
Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
vendor_cisco·2016-11-02·CVSS 10.0
CVE-2016-6441 [CRITICAL] CWE-119 Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system.
The vulnerability exists because the affected software performs incomplete bounds checks on input data. An attacker could exploit this vulnerability by sending a malicious request to the TL1 port, which could cause the device to reload. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system.
Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This
Cisco
Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
vendor_cisco
CVE-2016-6441 Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
CVE-2016-6441: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks on input data. An attacker could exploit this vulnerability by sending a malicious request to the TL1 port, which could cause the device to reload. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Cisco has released software updates that address this vulnerability. There are
CWE: CWE-119, CWE-119
Bug IDs: CSCuy15
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/94072http://www.securitytracker.com/id/1037179https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tl1http://www.securityfocus.com/bid/94072http://www.securitytracker.com/id/1037179https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tl1
2016-11-03
Published