Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.

N/A

输入验证不恰当

Cisco IOS XE 输入验证错误漏洞

Cisco IOS XE是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。 Cisco IOS XE中的Network Address Translation (NAT)、NAT IPv6 to IPv4 (NAT64)和Zone-Based Policy Firewall (ZBFW)的FTP application layer gateway (ALG)功能存在输入验证错误漏洞。远程攻击者可利用该漏洞造成设备重新加载。

N/A

N/A