Now who was looking for that major IOS vulnerability ????

Started by icecream-guy, April 14, 2016, 07:45:19 AM

Previous topic - Next topic

icecream-guy

forget who it was, but it finally came true

Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability
Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port.

Vulnerable Products
Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 are affected.

Workaround: None.

Alert Notice
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms

CSCum62591 Bug ID is weird regarding subject of I'nconsistency in NMSP default behavior on NG3k'
reference to Cisco Catalyst Switches running software versions prior to 3.6(1)E
and product details for Cisco 5700 Series Wireless LAN Controllers

:professorcat:

My Moral Fibers have been cut.

deanwebb

Looks like ya gotta upgrade to 15.2(2)E1 or later on that gear, then.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

icecream-guy

Seems it all has to do with NMSP, which isn't even enabled by default, has to do with VOIP location services, don't know why Cisco but out suck a blanket statement.  I fired up my AS guy, let him figure it out...
:professorcat:

My Moral Fibers have been cut.

icecream-guy

so it seems to be an issue on 3K switches running  15.2.2E1 where NMSP is enabled.  my AS guy said that the advisory was a bit over the top.
:professorcat:

My Moral Fibers have been cut.

deanwebb

Maybe Cisco wants us all to know that security is SRS BSNS for them.

Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.