Windows flaw fixed, but Cisco products affected |
 |
By Bill Brenner, News Writer
19 May 2005 | SearchSecurity.com |
|
|
A Windows vulnerability outlined by a French security organization earlier this week has already been patched, Microsoft said in an advisory Wednesday. Meanwhile, Cisco reports that several of its products are affected by variations of the same flaw.
The French Security Incident Response Team [FrSIRT] issued an advisory Tuesday saying versions of Windows XP and Server 2003 contain a flaw attackers could use to cause a denial of service. The vulnerability
is in the Windows IPv6 TCP/IP stack when processing a specially crafted packet in which the SYN flag is set and the source address and port are the same as the destination address and port, the advisory said. A remote user could exploit this vulnerability to launch a LAND attack, which would cause a vulnerable system to crash, FrSIRT said.
The organization did note that in April, Microsoft fixed "a variant" of this flaw, which specifically affects Windows XP, XP SP1, XP SP2, Server 2003 and Server 2003 SP1. FrSIRT said it was "not aware of any official supplied patch for this issue."
But according to Microsoft, the issues FrSIRT warned about are indeed covered in the April patch release.
"Microsoft is aware of a new vulnerability report affecting TCP/IP [Transmission Control Protocol/Internet Protocol]… We are not aware of any attacks attempting to use the reported vulnerability and have no reports of customer impact at this time," the software giant said. "We do not consider this to be a significant threat to the security of the Internet… Changes made during the development of Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and the MS05-019 security update eliminated this vulnerability. If you have installed any of these updates, [they] already help protect you… and no additional action is required."
Vulnerability affects Cisco products
As Microsoft was trying to clarify the situation, networking giant Cisco was warning its customers that several of its products are affected by variations of the TCP flaw, including Cisco SN5400 series storage routers, CSS11000 series content services switches, AP350 and AP1200 series access points and MGX series WAN switches.
In its advisory Cisco said, "Microsoft Security Bulletin MS05-019 addresses this vulnerability for Windows."
If left unpatched, Cisco said the flaw could also affect these products:
- CallManager
- Conference Connection
- Emergency Responder
- MeetingPlace
- Personal Assistant
- Intelligent Contact Management Product Family
- IP Contact Center Product Family
- Interactive Voice Response Product Family
- Remote Monitoring Suite Option
- Web Collaboration Option
- E-Mail Manager Option
- Agent Desktop
- Support Tools
- Unity
|
|
|
|
