"Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability"

Our organization has installed couples of Cisco 2960x Stackable switch with IOS version 15.0(2)EX5. We saw the following vulnerability from he Cisco Web Site:

On the Cisco web page, we saw the "March 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication" which include the following vulneratiliby:

"Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability", OVAL cisco-sa-20150325-tcpleak.

We use the "Cisco IOS Software checker" (i.e. http://tools.cisco.com/security/center/selectIOSVersion.x) and mentioned that our IOS release 15.0(2)EX5 is NOT affected by the TCP packet memory leak vulnerabiliy.

However, as mentioned on the URL http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak CISCO mentioned that if we saw the following the Devices might be vulnerable.

Router#show tcp brief all
TCB       Local Address           Foreign Address        (state)
03577CD8  ::.22                    *.*                    LISTEN
03577318  *.22                    *.*                    LISTEN
035455F8  ::.80                    *.*                    LISTEN
03544C38  *.80                    *.*                    LISTEN

We have enabled SSH on the switches for our remote managemnt requirements.

Our question is if the Cisco Software Checker mentioned that the release 15.0(2)EX5 is not Affected by the captioned vulnerability then we should be ok as far as security vulnerabiilty is concerned ?

Thank you for your kind advice.


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zephyr ICTCloud ArchitectCommented:
The way I interpret this is that they are covering their own a** ...

Cisco devices running Cisco IOS or Cisco IOS XE Software configured with any process listening on any TCP port are potentially affected

That's basically all devices... "They are potentially affected" leaves a lot of room for interpretation if you ask me.
That being said, I think you're safe on the IOS front regarding this exploit, there's another one mentioned that impacts your version though.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
patricktamAuthor Commented:
Thank you for your information.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.