Cisco NetFlow kit can be borked with a bad packet
Also patched today: Cisco Prime Infrastructure
Cisco has disclosed a denial-of-service bug in its NetFlow Generation appliances that remote attackers can trigger with a bad packet.
NetFlow Generation kit is used to generate, capture and export network flows for billing, service delivery, and security analysis.
Cisco's advisory warns there's a bug in input validation in its Stream Control Transmission Protocol (SCTP) implementation.
If an attacker sends SCTP packets to a network monitored by a NetFlow Generation Appliance, the device can hang or reboot (the advisory notes that it's not triggered by sending the attack packet directly to the appliance).
The issue affects NGA 3140, 3240 and 3340 units, and Switchzilla has a patch available.
The company's also pushed out a patch for a cross-site scripting vulnerability in Cisco Prime Infrastructure's Web-based management interface.
It's rated “medium” because the attacker would have to trick someone on the inside into clicking a link.