Another Cisco router/switch vulnerability reported

Cisco this week warned users that a flaw in the VPN blade for its Catalyst 6500 switch could be used by net attackers to crash the device.

Cisco Catalyst 6500 switches and Cisco 7600 series routers running the IPSec-based VPN Services Module (VPNSM) could be brought down if specially crafted Internet Key Exchange (IKE) packets are sent to the module. Cisco says the vulnerability could be used to launch a denial-of-service attack against the affected devices.

Only Catalyst 6500 switches and Cisco 7600 routers with the VPNSM and running IOS versions 12.2SXA, 12.2SXB and 12.2SY are susceptible to the vulnerability, according to Cisco.

The Cisco VPNSM is a module that fits into Cisco switch and router chassis and acts as integrated VPN termination points for remote access and site-to-site VPN setups.

A fix for the software flaw can be obtained here.

The VPNSM vulnerability follows several recently published alerts about Cisco hardware that could be at risk of a network attack. Earlier this week, a flaw was reported in Cisco’s Wireless LAN Solution Engine (WLSE), a product used to manage Cisco Aironet-based wireless LANs. The flaw involved a hard-coded default logon and password that allows unlimited user access to the WLSE. Later, it was reported that a tool for cracking the password on the WLSE was circulating the Internet.

Last month, it was reported that another hacker tool for bringing down a variety of Cisco routers and switches was making its way around the ‘Net. The tool, informally dubbed the Cisco Global Exploiter, takes advantages of several previously reported software vulnerabilities in Cisco IOS on switches, routers, firewalls and other gear.

Copyright © 2004 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022