|
Cisco BGP DoS
Cisco released an advisory today announcing a denial-of-service vulnerability in their routers utilizing the BGP protocol. According to the advisory "unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet." Enabling md5 authentication to defend against the previous BGP/TCP vulnerabilities ( http://isc.sans.org/diary.php?date=2004-04-20 ) should be sufficient to mitigate the risk presented by this new vulnerability. Full details and links to updated software are available from Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml Update: Local Linux Kernel DoS Fixed The local denial-of-service vulnerability in the Linux kernel reported on the 14th ( http://isc.incidents.org/diary.php?date=2004-06-14 ) has been fixed in the newly released 2.6.7 kernel. Grab the patches from your nearest kernel.org mirror: http://www.kernel.org/mirrors/ Update: Akamai Press Release Akamai has issued a press release to address the service outages (attributed to a DDoS - http://isc.incidents.org/diary.php?date=2004-06-15 ) which affected Akamai-hosted sites yesterday: http://www.akamai.com/en/html/about/press/press459.html Continuing Report: Unpatched IE Vulnerabilities This is ground that's been tread over and over again recently, but it bears repeating: We are continuing to receive reports of exploitation of unpatched vulnerabilities in Internet Explorer resulting in code execution and system compromise. Take whatever precautions you feel are necessary to avoid becoming a victim, and continue sending in detailed reports if and when you see these attacks in the wild. ---------------------- Cory Altheide Handler on Duty |
Cory Altheide 19 Posts Jun 17th 2004 |
| Thread locked Subscribe |
Jun 17th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
