Preview Tool

Cisco Bug: CSCut68058 - Cisco GGSN Gateway GPRS Support Node TCP Invalid Packet Vulnerability

Last Modified

Feb 13, 2018

Products (1)

  • Cisco ASR 5000 Series

Known Affected Releases 18.0.L0.59219

Description (partial)

A vulnerability in Transmission Control Protocol (TCP) packet input handler of the Cisco 
Gateway ''General Packet Radio Service'' (GPRS) Support Node (GGSN) could allow an
unauthenticated, remote attacker to cause a reset of the Session Manager application.

The vulnerability is due to improper input validation of the length fields of the TCP/IP header fields.
An attacker could exploit this vulnerability by by sending a crafted TCP packet with and invalid
TCP/IP header. An exploit could allow the attacker to cause a partial availability impact due to a
denial of service (DoS) condition when the invalid TCP packet is received the Session Manager
application restarts.

Device running with default configuration running an affected version of software.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.