製品・ソフトウェアに関する情報

JVN脆弱性詳細

Cisco IOS の Neighbor Discovery プロトコル実装におけるサービス運用妨害 (DoS) の脆弱性

Title	Cisco IOS の Neighbor Discovery プロトコル実装におけるサービス運用妨害 (DoS) の脆弱性
Summary	Cisco IOS の IPv6 スタック内にある Neighbor Discovery プロトコル実装には、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。本問題は、Bug ID CSCti33534 の問題です。
Possible impacts	第三者により、異なるソースアドレスを付与された大量の Router Advertisement (RA) メッセージの送信を介して、サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Jan. 7, 2011, midnight
Registration Date	Feb. 24, 2011, 4:35 p.m.
Last Update	Feb. 24, 2011, 4:35 p.m.

Affected System

シスコシステムズ

Cisco IOS 15.0 (1)XA5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-4671	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4671
National Vulnerability Database (NVD)
2	CVE-2010-4671	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4671

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-399	https://jvndb.jvn.jp/ja/cwe/CWE-399.html

ベンダー情報

No	Name	URL
Cisco Systems Inc
1	22291	http://tools.cisco.com/security/center/viewAlert.x?alertId=22291
2	Release Notes for Cisco 800 Series Routers with Cisco IOS Release 15.0(1)XA	http://www.ciscosystems.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf

その他

No	Name	URL
ISS X-Force Database
1	64589	http://xforce.iss.net/xforce/xfdb/64589
Secunia Advisory
2	SA42917	http://secunia.com/advisories/42917
SecurityFocus
3	45760	http://www.securityfocus.com/bid/45760
VUPEN Security
4	VUPEN/ADV-2011-0129	http://www.vupen.com/english/advisories/2011/0129

Change Log

No	Changed Details	Date of change
0	[2011年02月24日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-4671

Summary	The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534.
Publication Date	Jan. 7, 2011, 9 p.m.
Registration Date	Jan. 29, 2021, 11:09 a.m.
Last Update	Nov. 21, 2024, 10:21 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:cisco:ios::::::::					15.0\(1\)xa5

Related information, measures and tools

No	URL	タグ
1	http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html	Exploit Third Party Advisory
2	http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-3957-en-ipv6_insecurities.mp3	Exploit Third Party Advisory
3	http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4	Third Party Advisory
4	http://www.ciscosystems.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf	Broken Link
5	http://www.securityfocus.com/bid/45760	Third Party Advisory VDB Entry
6	http://www.youtube.com/watch?v=00yjWB6gGy8	Third Party Advisory
7	https://exchange.xforce.ibmcloud.com/vulnerabilities/64589	Third Party Advisory VDB Entry
8	http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html	Exploit Third Party Advisory
9	https://exchange.xforce.ibmcloud.com/vulnerabilities/64589	Third Party Advisory VDB Entry
10	http://www.youtube.com/watch?v=00yjWB6gGy8	Third Party Advisory
11	http://www.securityfocus.com/bid/45760	Third Party Advisory VDB Entry
12	http://www.ciscosystems.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf	Broken Link
13	http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4	Third Party Advisory
14	http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-3957-en-ipv6_insecurities.mp3	Exploit Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-400	リソースの枯渇	https://cwe.mitre.org/data/definitions/400.html