Cisco warns of critical IOS flaws

By SearchSecurity.com Staff
09 Aug 2007 | SearchSecurity.com

Security Wire Daily News

Cisco is warning customers about multiple vulnerabilities in its Internetwork Operating System (IOS) and IOS secure copy server, as well as its Unified Communications Manager, which could be exploited remotely by an attacker to cause a denial of service or execute arbitrary code.

Cisco said multiple vulnerabilities occur in its IOS and Unified Communications Manager when handling malformed Session Initiation Protocol (SIP) packets. SIP is a standard protocol for initiating an interactive user session that involves multimedia elements such as video, voice, chat, gaming, and virtual reality.

Cisco said the router can be crashed by a malformed SIP message. A memory leak and memory corruption also can occur when processing a malformed SIP message, Cisco said in its advisory. Cisco IOS versions 12.0 through 12.4 are vulnerable and Cisco Unified Communications Manager versions 5.1 through 6.0 are vulnerable. Patches are being released.

In addition, IOS is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Cisco also said its IOS secure copy server is prone to a remote security-bypass vulnerability.

Danish vulnerability clearinghouse Secunia rated the flaws "moderately critical." Symantec's DeepSight Threat Management System said that, until the software is updated, Cisco customers can block external access at the network boundary unless external parties require service.

"If global access isn't needed, filter access to the affected device at the network boundary," Symantec said in its advisory. "Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploitation."


