
NX-OS-hit! Got Cisco Nexus and MDS 9000 switches? Then you’ve got patching to do, too –



Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan


Credits: ABC News

Cisco has published patches for a plethora of problems with its products, including vulns that could trigger denial-of-service conditions – and a sneaky one that “could allow an authenticated, remote attacker to execute arbitrary commands with root privileges”.

The root vuln exists in the NX-API feature of Cisco’s NX-OS switch operating system and comes about because NX-API does not correctly validate user-supplied input.

According to Cisco: “An attacker could exploit this by sending malicious HTTP or HTTPS packets to the management interface of an affected system that has the NX-API feature enabled.” Note the wording of the advisory, though: the attacker is authenticated, so valid NX-API credentials are needed first. Anyone holding such credentials then gets arbitrary command execution as root on the switch, which is full control of the device, not merely the access the account was meant to have.

NX-API is disabled by default. The vuln affects a large number of Cisco’s Nexus x000-series switches as well as the MDS 9000 Series; the exact models and fixed releases are listed in Cisco’s advisory. Although the vuln has been allocated a CVE number (CVE-2019-1614), no further technical details of the exploit are publicly available at the time of writing. Patches are available from the Cisco website.

D’ohS

Another NX-OS vuln disclosed by Switchzilla today exists in the OS’s network stack. It allows a miscreant to trigger a denial-of-service condition by crapflooding switches running NX-OS with “crafted TCP streams” in a “sustained” way. This causes the stack to “run out of available buffers”, in Cisco’s words, eventually overwhelming the switch and causing it to go and curl up in the corner for a while, gently rocking and murmuring to itself about load balancing.

NX-OS has also been patched for a second DoS trigger, this time one that exists in Cisco’s implementation of LDAP in both NX-OS and Cisco FXOS. Improper parsing of LDAP packets causes a condition that could be exploited by an attacker who can send a crafted packet from the IP address “of an LDAP server configured on the targeted device”, so the attacker has to spoof that address or control that host. A successful exploit causes the target device to reboot, triggering a temporary DoS condition. Patches are available from Cisco.
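The two NX-OS flaws above each have a configuration precondition: NX-API must be enabled for the root command-execution bug, and an LDAP server must be configured for the LDAP DoS. The following Python script is an added example, not code from the article or from Cisco: it parses `show feature` and `show running-config ldap` output that an operator has already collected from each switch and reports which devices meet either precondition. The sample command outputs, hostnames and server addresses are constructed, and the function names are mine.

```python
"""Inventory check for the two preconditions described in the article.

Added example, not code from the article or from Cisco. It parses the text
of `show feature` and `show running-config ldap` that an operator has
already collected from each NX-OS switch and reports which devices have
NX-API enabled (needed for the NX-API root command-execution flaw) and
which have an LDAP server configured (needed for the LDAP DoS). All sample
outputs, hostnames and addresses below are constructed.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed `show feature` output from a switch with NX-API turned on.
SHOW_FEATURE_NXAPI_ON = """\
Feature Name          Instance  State
--------------------  --------  --------
bash-shell             1          disabled
nxapi                  1          enabled
ospf                   1          enabled
"""

# Constructed `show feature` output from a switch still at the default.
SHOW_FEATURE_NXAPI_OFF = """\
Feature Name          Instance  State
--------------------  --------  --------
bash-shell             1          disabled
nxapi                  1          disabled
ospf                   1          enabled
"""

# Constructed `show running-config ldap` output with two servers configured.
SHOW_RUN_LDAP = """\
!Command: show running-config ldap
feature ldap
ldap-server host 192.0.2.25
ldap-server host 192.0.2.26
"""

# Constructed output from a switch that does not use LDAP at all.
SHOW_RUN_LDAP_NONE = """\
!Command: show running-config ldap
"""

# One feature row: name, instance number, state. The header and the dashed
# separator never match because their second column is not numeric.
FEATURE_RE = re.compile(
    r"^(?P<name>\S+)\s+(?P<instance>\d+)\s+(?P<state>enabled|disabled)\s*$", re.M)
LDAP_SERVER_RE = re.compile(r"^ldap-server host (?P<host>\S+)", re.M)


def parse_features(show_feature: str) -> Dict[str, bool]:
    """Map feature name -> True if any instance of it is enabled."""
    enabled: Dict[str, bool] = {}
    for m in FEATURE_RE.finditer(show_feature):
        enabled[m["name"]] = enabled.get(m["name"], False) or m["state"] == "enabled"
    return enabled


def parse_ldap_servers(show_run_ldap: str) -> List[str]:
    """Return the address of every `ldap-server host` line."""
    return LDAP_SERVER_RE.findall(show_run_ldap)


@dataclass(frozen=True)
class Finding:
    device: str
    issue: str    # short tag for filtering
    detail: str   # what to do about it


def assess(device: str, show_feature: str, show_run_ldap: str) -> List[Finding]:
    """Return the findings that apply to one device."""
    findings: List[Finding] = []
    if parse_features(show_feature).get("nxapi", False):
        findings.append(Finding(
            device, "nxapi-enabled",
            "NX-API listens on the management interface; apply Cisco's fix, "
            "and run `no feature nxapi` if nothing uses it"))
    servers = parse_ldap_servers(show_run_ldap)
    if servers:
        findings.append(Finding(
            device, "ldap-configured",
            "crafted LDAP packets sourced from " + ", ".join(servers) +
            " can reboot this device; patch, and make sure only the real "
            "servers can reach it from those addresses"))
    return findings


def assess_fleet(inventory: Dict[str, Dict[str, str]]) -> List[Finding]:
    """inventory maps hostname -> {'feature': ..., 'ldap': ...} command output."""
    out: List[Finding] = []
    for host, cmds in sorted(inventory.items()):
        out.extend(assess(host, cmds["feature"], cmds["ldap"]))
    return out


if __name__ == "__main__":
    fleet = {  # constructed hostnames
        "dc1-leaf01": {"feature": SHOW_FEATURE_NXAPI_ON, "ldap": SHOW_RUN_LDAP},
        "dc1-leaf02": {"feature": SHOW_FEATURE_NXAPI_OFF, "ldap": SHOW_RUN_LDAP_NONE},
    }
    for f in assess_fleet(fleet):
        print(f"{f.device}: {f.issue}: {f.detail}")
```

The script deliberately works from saved command output rather than logging into switches, so it can be run against a config backup repository without touching production gear. A device with no findings still needs the patch eventually; the findings only rank which boxes are reachable by these two bugs today.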

Cisco’s full set of patches issued this week for NX-OS and FXOS devices is available on its website. Last year a somewhat more critical batch of NX-OS and FXOS fixes was pushed out in June. Happy installing!




