"Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability"

Our organization has installed couples of Cisco 2960x Stackable switch with IOS version 15.0(2)EX5. We saw the following vulnerability from he Cisco Web Site:

On the Cisco web page, we saw the "March 2015 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication" which include the following vulneratiliby:

"Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability", OVAL cisco-sa-20150325-tcpleak.

We use the "Cisco IOS Software checker" (i.e. http://tools.cisco.com/security/center/selectIOSVersion.x) and mentioned that our IOS release 15.0(2)EX5 is NOT affected by the TCP packet memory leak vulnerabiliy.

However, as mentioned on the URL http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak CISCO mentioned that if we saw the following the Devices might be vulnerable.

Router#show tcp brief all
TCB       Local Address           Foreign Address        (state)
03577CD8  ::.22                    *.*                    LISTEN
03577318  *.22                    *.*                    LISTEN
035455F8  ::.80                    *.*                    LISTEN
03544C38  *.80                    *.*                    LISTEN

We have enabled SSH on the switches for our remote managemnt requirements.

Our question is if the Cisco Software Checker mentioned that the release 15.0(2)EX5 is not Affected by the captioned vulnerability then we should be ok as far as security vulnerabiilty is concerned ?

Thank you for your kind advice.


Who is Participating?
Zephyr ICTCloud ArchitectCommented:
The way I interpret this is that they are covering their own a** ...

Cisco devices running Cisco IOS or Cisco IOS XE Software configured with any process listening on any TCP port are potentially affected

That's basically all devices... "They are potentially affected" leaves a lot of room for interpretation if you ask me.
That being said, I think you're safe on the IOS front regarding this exploit, there's another one mentioned that impacts your version though.
patricktamAuthor Commented:
Thank you for your information.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.