Cisco fixes IOS flaws

By Bill Brenner, Senior News Writer 24 Jan 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial-of-service condition, according to the Crafted TCP Packet Can Cause Denial of Service advisory issued by Cisco.

A second denial-of-service flaw affects Cisco routers and switches running IOS or Cisco IOS XR software. Attackers could exploit the flaw after processing an Internet control message protocol (ICMP) packet, protocol independent multicast version 2 (PIMv2) packet; pragmatic general multicast (PGM) packet; or a URL rendezvous directory (URD) packet containing a specific crafted IP option in the packet's IP header.

"Exploitation of the vulnerability may potentially allow for arbitrary code execution," Cisco warned.

Attackers could also crash a device running IOS software by processing a specially crafted IPv6 Type 0 routing header, according to the IPv6 Routing Header Vulnerability advisory issued by Cisco.

The Cisco bulletins prompted the Bethesda, Md.-based SANS Internet Storm Center (ISC) to post an advisory on its Web site.

"If you run Cisco switches or routers in your network, we advise you to review these bulletins in detail and take mitigative action where required," the ISC said.

Tags: Network Firewalls, Routers and Switches,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Firewalls, Routers and Switches Best Network Firewall Products What is the difference between static and dynamic network validation? Screencast: Smoothwall offers firewall defense in lean times New Cisco IOS bugs pose tempting targets, says Black Hat researcher How to implement virtual firewalls in a complex network infrastructure How to manage network bandwidth with distributed ISP bandwidth Firewall rule management best practices Should enterprises be running multiple firewalls? What are the disadvantages of proxy-based firewalls? IT pros find corporate firewall rules tough to navigate

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bastion host  (SearchSecurity.com) firewall  (SearchSecurity.com) Firewall Builder  (SearchSecurity.com) screened subnet  (SearchSecurity.com) virus  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary