archives  If you want an RSS feed try this xml rss V0.91 feed

Thursday, July 17, 2003

CISCO IOS Vulnerability

Cisco have issued an advisory earlier today which affects all routers running IOS and IPV4....i.e. just about everyone. The threat is that an especially crafted packet could cause the IOS to believe the interface queue to be full and thus cause the system to stop processing any further packets on that interface. Crucially the failure does not cause any alarms to be raised nor will the router re-boot itself to correct the problem, manual intervention will be required. Cisco don't believe that this exploit has been used or has affected anyone. The effect of this exploit being used would be very uncomfortable for those affected, especially if it could be delivered into the core where it's effect could be catastrophic.
Cisco has issued a fix and the full advisory can be read on their website.
Related Links
Cisco Advisory Document ID: 44020
BBC On-Line story
John Leyden's story on The Register

posted by Robert Campbell 11:15 AM


Powered by Blogger Pro™