Cisco hugs sysadmins with a bunch more patches
Nexus switch owners, pay attention
Cisco's ongoing fix-all-the-things effort has emitted its regular weekly round of patches – and some, like in the NX-OS operating system that powers a bunch of its switches, deserve your attention.
There are critical fixes for the NX-OS that powers Nexus switches, including one for a virtualisation bug in the Nexus 7000 and 7700 switches.
NX-OS can be pwned over SSH if an authorised user passes a malicious value in the login. That gives the attacker the chance to escalate their privilege at the command line.
Any Nexus 1000V to 9000 switch running NX-OS with AAA (authentication, authorisation and accounting) configured, as well as Cisco's Multilayer Director switches, is affected and needs a patch.
The critical-rated Nexus 7000/7700 bug is in the generic routing encapsulation (GRE) implementation of the Overlay Transport Virtualisation (OTV) feature.
An adjacent attacker – making this a danger in multi-tenant networks – can send malicious OTV packets, force a buffer overflow, and gain “full control of the system”.
Cisco's advisory says sysadmins should check their IS-IS core files for indications of compromise, and if there's cause for concern, the Cisco Technical Assistance Center (TAC) will examine the IS-IS core files to determine whether you've been attacked.
There are three NX-OS issues rated “high” on the list as well:
There are less-serious bugs splatted in its Unified Intelligence Center software, Firepower, IOS XR, Nexus 9000 switches, and ASA software here. ®