jim_duffy
Managing Editor

Cisco issues patch for TCP bug

Analysis
Sep 9, 20092 mins

Mulitple -- if not most -- Cisco products affected, vulnerable to DoS attacks

Cisco this week issued a patch for a denial of service vulnerability that affects multiple products. The bug was discovered last year by Outpost24, a Swedish provider of network security products.

The vulnerability allows attackers to manipulate the state of TCP connections, according to a Cisco security advisory released this week. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely, the Cisco advisory states.

If enough TCP connections are forced into a long-lived or indefinite state, system resources may be consumed, preventing new TCP connections from being accepted and thus initiating a DoS condition.

Affected Cisco products include scores of routers and switches running IOS, IOS-XE and CatOS operating systems; Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 under certain configurations; NX-OS-based products like the new Nexus 5000 and 7000 switches; and Scientific-Atlanta and Linksys products.

Cisco says it has released free software updates for download from the its website that address these vulnerabilities. Workarounds are also available.

More from Cisco Subnet:

  • Cisco-Juniper battle for carrier business continues neck-and-neck
  • Juniper’s enterprise attack is making progress
  • 100G Ethernet races to market
  • Are HP, 3Com a better value than Cisco?
  • When the compliance officer comes calling … hide the VMotion
  • It’s Really Only Partly Cloudy Out There
  • Is Cisco ACS 5.0 worth the upgrade?
  • Port 666
Win great stuff from Cisco SubnetCisco Alert newsletter. Like RSS readers? Subscribe to the Cisco Subnet RSS feedFollow Cisco Subnet on Twitter.

Like e-mail? Subscribe to the