Cisco devices vulnerable to frame-based attacks

Cisco is urging network administrators to upgrade 6000, 6500 and 7600 series network devices to cure a denial-of-service vulnerability.

Cisco Systems Inc. warns that software upgrades will be necessary to correct a problem in several models of its network devices.

Without these upgrades, it's possible to cause a denial of service on devices locally; a remote attack is also possible but unlikely.

The vulnerability, which exists in Cisco 6000, 6500 and 7600 series network devices with Multilayer Switch Feature Card 2 (MSFC2), stems from how they handle certain frames. In the Open Systems Interconnection (OSI) model, layer 2 represents data link frames and layer 3 represents network packets. Layer 2 frames encapsulate a protocol-independent layer 3 packet.

However, it's possible to create a layer 2 frame whose length is inconsistent with the length of the encapsulated layer 3 packet. The software doesn't handle this situation properly, causing the device to freeze or reset, resulting in a denial of service.

Usually, this is only possible locally, since a router or firewall will normally prevent malicious packets from being transmitted. However, it might be possible to exploit this remotely, in the unlikely situation in which the special layer 2 frames pass through intermediate devices without being clipped.

The problem occurs in systems with a FlexWAN module or OSM module, and in systems running IOS 12.1(8b)E14. There's no workaround, only the software upgrade.
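As an added illustration (not code from Cisco or from the original article), the following Python check compares the length of a captured Ethernet II frame with the total-length field of the IPv4 packet it carries, which is the kind of layer 2/layer 3 disagreement described above. It assumes frames captured without the FCS and at most one 802.1Q tag; the function names, result labels and sample frames are constructed for the example.

```python
import struct

ETH_HDR = 14             # dst MAC + src MAC + EtherType
MIN_FRAME = 60           # minimum Ethernet frame without FCS; shorter payloads are padded
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100

def check_frame(frame: bytes) -> str:
    """Classify an Ethernet II frame by whether its L2 and IPv4 lengths agree."""
    if len(frame) < ETH_HDR:
        return "runt"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset = ETH_HDR
    if ethertype == ETHERTYPE_VLAN:              # skip a single 802.1Q tag
        if len(frame) < ETH_HDR + 4:
            return "runt"
        (ethertype,) = struct.unpack_from("!H", frame, 16)
        offset += 4
    if ethertype != ETHERTYPE_IPV4:
        return "not-ipv4"
    carried = len(frame) - offset                # bytes the frame actually holds for L3
    if carried < 20:
        return "l3-truncated"                    # not even a full IPv4 header
    ihl = (frame[offset] & 0x0F) * 4
    (total_len,) = struct.unpack_from("!H", frame, offset + 2)
    if ihl < 20 or total_len < ihl:
        return "bad-ip-header"
    if total_len > carried:
        return "l3-truncated"                    # IP claims more than the frame carries
    if len(frame) > max(offset + total_len, MIN_FRAME):
        return "l2-oversized"                    # trailing bytes beyond legitimate padding
    return "consistent"

def build_frame(ip_total_len: int, carried: int) -> bytes:
    """Constructed sample: zeroed MACs, minimal IPv4 header, `carried` bytes after L2."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_total_len, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return eth + ip + bytes(carried - len(ip))

if __name__ == "__main__":
    for total, carried in [(100, 100), (28, 46), (1500, 100), (40, 200)]:
        print(total, carried, check_frame(build_frame(total, carried)))
```

Short IPv4 packets padded up to the Ethernet minimum are reported as consistent, so only frames whose lengths genuinely disagree are flagged for review.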

