Reply to post: Re: Rule #1 -- Beware of home made protocols

'Tens of millions' of Cisco devices vulnerable to CDPwn flaws: Network segmentation blown apart by security bugs


Re: Rule #1 -- Beware of home made protocols

If you read the advisories, it turns out it is different TLV fields in different products. So not a protocol issue, just one parsing long messages, and probably missed size checks when copying fields across into structures. Likely to be different code bases for each product which is why these are all different.

CVE-2020-3110 heap overflow in the parsing of DeviceID type-length-value (TLV)

CVE-2020-3111 stack overflow in the parsing of PortID type-length-value (TLV)

CVE-2020-3118 improper validation of string input from certain fields within a CDP message that could lead to a stack overflow

CVE-2020-3119 stack buffer overflow and arbitrary write in the parsing of Power over Ethernet (PoE) type-length-value

CVE-2020-3120 resource exhaustion DoS

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon