- Steve Jobs is a man of a few words
- Internet routing blasts into space
- 15 free downloads to pep up your old PC
- IBM smartphone software translates 11 languages
- New attack fells Internet Explorer
Cisco is warning of three vulnerabilities within its Internet Operating System (IOS) software that could allow a denial-of-service attack or let a hacker run arbitrary code on an affected switch router.
The company has published workarounds and issued an updated version of the software.
The three problems are:
-- TCP packet problem: A memory leak in certain versions of IOS could lead to a denial-of-service attack, according to an advisory from the U.S. Computer Emergency Readiness Team. (CERT)
-- IPv6 router header vulnerability: IOS can fail to properly process IPv6 packets with specially-crafted routing heads, which could allow a denial-of-service attack or the running of arbitrary code. IPv6 is a set of specifications that enables more IP addresses to be available on the Internet.
-- Crafted IP option vulnerability: This is a bug concerning how IOS processes IPv4 packets with a specially-crafted IP option, CERT said. It could also enable a denial-of-service attack or the running of arbitrary code.
CERT wrote that all three vulnerabilities could cause a device to reload its operating system. In that case, a secondary, sustained denial-of-service condition could be caused since packets won't go through the device.
"Because devices running IOS may transmit traffic for a number of other networks, the secondary impacts of a denial of service may be severe," CERT said.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (3)
Cisco discloses three router security problemsBy Anonymous on January 26, 2007, 10:04 amIts a big news from the network part of view. But how the bigger ISPs can now cope up with this problem and how can it be resolved?? Regards, AnkurDalal Re:...
Reply | Read entire comment
Shared Secret Exposed?By Anonymous on January 27, 2007, 4:05 pmTwo out of the three vulnerabilities may enable arbitrary execution of code. Does that mean the shared secret often used for establishing the encryption keys for...
Reply | Read entire comment
Cisco Product Alert ToolBy BradReeseCom on February 4, 2007, 4:28 amGood idea to create Alert Profiles that enable you to receive email notification of new Cisco Field Notices, Product Alerts or End of Sale information for the products...
Reply | Read entire comment
View all comments