Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Cisco vulnerabilities - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco vulnerabilities

Several readers have written in that Cisco just released three security bulletins regarding issues in the Cisco IOS software:

Crafted TCP Packet can cause denial of service
A remotely-exploitable memory leak in the Cisco IOS software could lead to a denial of service condition. This vulnerability applies to much of the IOS 12.0, 12.1 and 12.2 code base.

Crafted IP Option vulnerability
Routers and switches running IOS or IOS XR could be vulnerable to a remotely exploitable craft IP option DoS attack. This is a significant issue as in some cases it has the potential to allow for arbitrary code execution.

IPv6 Routing Header vulnerability
Certain crafted IPv6 Type 0 routing headers could crash a device running IOS.

We are currently performing a more detailed analysis of each of these vulnerabilities and will post updates to these issues shortly. As a form of triage we believe organizations are most likely to be affected by the 'Crafted IP Option vulnerability', which simultaneously has the highest potential impact. 

If you run Cisco switches or routers in your network, we advise you to review these bulletins in detail and take mitigative action where required.

Maarten

158 Posts

Sign Up for Free or Log In to start participating in the conversation!