Vigil@nce - Cisco NX-OS: filtering bypassing because of packet logging
August 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send a large amount of redundant packets to Cisco
NX-OS, in order to bypass the filtering rules.
Impacted products: Cisco Nexus, NX-OS
Severity: 2/4
Creation date: 06/08/2014
DESCRIPTION OF THE VULNERABILITY
Cisco NX-OS can be configured to log packets that its filtering
rules forbid. However, when this logging is enabled, a small part
of the filtered packet stream is actually forwarded instead of
being dropped. Technical details are unknown.
An attacker can therefore send a large amount of redundant packets
to Cisco NX-OS, in order to bypass the filtering rules.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-NX-OS-filtering-bypassing-because-of-packet-logging-15129