漏洞类别:Cisco
漏洞等级: 
漏洞信息
A vulnerability in the Overlay Transport Virtualization (OTV) generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code.
The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow.
漏洞危害
An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the OTV related process on the affected device.
解决方案
Refer to Cisco advisory cisco-sa-20161005-otv for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论