
Regarding Crafted ICMP Messages Can Cause Denial of Service

3alee
Level 1

Hello

There are many Cat3560s with IOS 12.2(53)SE2 running in my client's network. Recently, those switches have been scanned by a tool, "Netformx", and the report shows that IOS 12.2(53)SE2 is affected by the advisory "Crafted ICMP Messages Can Cause Denial of Service" and also "Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability- 111895".

I wanna ask if anyone can confirm whether a Catalyst 3560 running IOS version 12.2(53)SE2 is affected by the above advisories.

http://www.cisco.com/en/US/products/csa/cisco-sa-20050412-icmp.html

http://www.cisco.com/en/US/customer/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/user/guide/configuration/pari.html#wp2119779

Referring to the caveats mentioned in the note, it seems that 12.2(53)SE2 is not a known affected version.

Thanks!


Vivek Ganapathi
Level 4

All the IOS versions are vulnerable if they have PMTUD-related configs in the device. If you go through the PSIRT report, if you are running GRE, IPSEC or L2TP, then you are vulnerable. If you don't have these on them, you are safe.

Thanks

Vivek

Thanks a lot!

And how about the "Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability- 111895"? I expect it affects only the IE 3000 but not Catalyst series switches, right?

Thanks!

Catalysts are not affected by this vulnerability. But it is certainly not a good practice to keep your community strings like "public" or "private". Though no other switches will be hardcoded with those community strings, we "humans" certainly tend to configure them, which is unsafe. Just try eliminating them, if you have any such configs.

Thanks

Vivek

*Please do rate helpful posts

Thanks again!
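The two checks suggested in the replies above (look for GRE, IPsec or L2TP configuration, and look for "public"/"private" community strings) can be run against saved running-configs. This is an added example, not part of the original thread or any Cisco tool; the function name `audit_config`, the regex patterns and the sample config are assumptions constructed for illustration, and a match is only a pointer for manual review against the advisory.

```python
import re

# Constructed sample running-config (not taken from the thread).
SAMPLE_CONFIG = """\
hostname SW-ACCESS-01
!
interface Tunnel0
 ip address 10.255.0.1 255.255.255.252
 tunnel source Vlan10
 tunnel destination 192.0.2.10
!
interface GigabitEthernet0/1
 switchport mode access
!
snmp-server community public RO
snmp-server community N0c-R3ad0nly RO 10
snmp-server community private RW
!
end
"""

# Heuristic patterns (assumptions): lines that suggest the features named in
# the reply are configured. IOS tunnel interfaces default to GRE mode.
FEATURE_PATTERNS = {
    "GRE/tunnel interface": re.compile(r"^interface Tunnel\d+", re.I),
    "IPsec": re.compile(r"^\s*crypto (map|ipsec|isakmp)\b", re.I),
    "L2TP": re.compile(r"^\s*(vpdn-group|vpdn enable|l2tp-class|pseudowire-class)\b", re.I),
    "TCP PMTUD": re.compile(r"^\s*ip tcp path-mtu-discovery\b", re.I),
}
SNMP_RE = re.compile(r"^snmp-server community (\S+)(.*)$", re.I)
WEAK_COMMUNITIES = {"public", "private"}

def audit_config(text):
    """Return (line number, ...) tuples for tunnel features and weak SNMP strings."""
    findings = {"pmtud_features": [], "weak_snmp": []}
    for lineno, line in enumerate(text.splitlines(), 1):
        for label, pattern in FEATURE_PATTERNS.items():
            if pattern.search(line):
                findings["pmtud_features"].append((lineno, label, line.strip()))
        m = SNMP_RE.match(line.strip())
        if m and m.group(1).lower() in WEAK_COMMUNITIES:
            # IOS treats a community with no keyword as read-only.
            access = "RW" if re.search(r"\bRW\b", m.group(2), re.I) else "RO"
            findings["weak_snmp"].append((lineno, m.group(1), access))
    return findings

if __name__ == "__main__":
    for kind, items in audit_config(SAMPLE_CONFIG).items():
        for item in items:
            print(kind, item)
```
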
