Cisco devices vulnerable to frame-based attacks

Cisco is urging network administrators to upgrade 6000, 6500 and 7600 series network devices to cure a denial-of-service vulnerability.

Cisco Systems Inc. warns that software upgrades will be necessary to correct a problem in several models of its network devices.

Without these upgrades, it's possible to cause a denial of service on devices locally; a remote attack is also possible but unlikely.

The vulnerability, which exists in Cisco 6000, 6500 and 7600 series network devices with Multilayer Switch Feature Card 2 (MSFC2), stems from how they handle certain frames. In the Open System Interconnection (OSI) model, layer 2 represents data link frames and layer 3 represents network packets. Layer 2 frames encapsulate a protocol-independent layer 3 packet.

However, it's possible to create a layer 2 frame whose length is inconsistent with the length of the encapsulated layer 3 packet. The software doesn't handle this situation properly, causing the device to freeze or rest, resulting in a denial of service.

Usually, this is only possible locally, since a router or firewall will normally prevent malicious packets from being transmitted. However, it might be possible to exploit this remotely, in the unlikely situation in which the special layer 2 frames pass through intermediate devices without being clipped.

The problem occurs in systems with a FlexWAN module or OSM module, and in systems running IOS 12.1(8b)E14. There's no workaround, only the software upgrade.

FOR MORE INFORMATION:

Click here for Cisco advisory.

Click here for Cisco upgrade download.

Dig deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close