漏洞类别:Cisco
漏洞等级: 
漏洞信息
he Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service condition on an affected device.
The vulnerability is due to incorrect handling of image list parameters.
漏洞危害
An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to leak memory and eventually reload, resulting in a DoS condition.
解决方案
Refer to Cisco advisory cisco-sa-20160928-smi for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论