Our organization has installed couples of Cisco 2960x Stackable switch with IOS version 15.0(2)EX5. We saw the following vulnerability from he Cisco Web Site:
On the Cisco web page, we saw the "March 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication" which include the following vulneratiliby:
"Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability", OVAL cisco-sa-20150325-tcpleak.
We use the "Cisco IOS Software checker" (i.e. http://tools.cisco.com/security/center/selectIOSVersion.x
) and mentioned that our IOS release 15.0(2)EX5 is NOT affected by the TCP packet memory leak vulnerabiliy.
However, as mentioned on the URL http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak
CISCO mentioned that if we saw the following the Devices might be vulnerable.
Router#show tcp brief all
TCB Local Address Foreign Address (state)
03577CD8 ::.22 *.* LISTEN
03577318 *.22 *.* LISTEN
035455F8 ::.80 *.* LISTEN
03544C38 *.80 *.* LISTEN
We have enabled SSH on the switches for our remote managemnt requirements.
Our question is if the Cisco Software Checker mentioned that the release 15.0(2)EX5 is not Affected by the captioned vulnerability then we should be ok as far as security vulnerabiilty is concerned ?
Thank you for your kind advice.