Description
Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended.
Affected products
- Cisco / catalyst_6500
- Cisco / catalyst_6500_ws-svc-nam-12.2(1a) – 2.2(1a)
- Cisco / catalyst_6500_ws-svc-nam-13.1(1a) – 3.1(1a)
- Cisco / catalyst_6500_ws-svc-nam-22.2(1a) – 2.2(1a)
- Cisco / catalyst_6500_ws-svc-nam-23.1(1a) – 3.1(1a)
- Cisco / catalyst_6500_ws-x6380-nam2.1(2) – 2.1(2)
- Cisco / catalyst_6500_ws-x6380-nam3.1(1a) – 3.1(1a)
- Cisco / catalyst_7600
- Cisco / catalyst_7600
- Cisco / catalyst_7600
- Cisco / catalyst_7600_ws-svc-nam-12.2(1a) – 2.2(1a)
- Cisco / catalyst_7600_ws-svc-nam-13.1(1a) – 3.1(1a)
- Cisco / catalyst_7600_ws-svc-nam-22.2(1a) – 2.2(1a)
- Cisco / catalyst_7600_ws-svc-nam-23.1(1a) – 3.1(1a)
- Cisco / catalyst_7600_ws-x6380-nam2.1(2) – 2.1(2)
- Cisco / catalyst_7600_ws-x6380-nam3.1(1a) – 3.1(1a)
- Cisco / catos5.4(1) – 5.4(1)
- Cisco / catos7.5(1) – 7.5(1)
- Cisco / catos7.6(1) – 7.6(1)
References
- MISChttp://www.securitytracker.com/id?1018743
- VENDOR_ADVISORYhttp://secunia.com/advisories/26988
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/3276
- MAILING_LISThttp://seclists.org/fulldisclosure/2007/Sep/0573.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/36826
- MISChttp://www.securityfocus.com/bid/25822
- VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sr-20070926-lb.shtml
- MISChttp://securitytracker.com/id?1018742