[ISN] Cisco squishes bug trio

From: InfoSec News (alerts@private)
Date: Thu Jan 25 2007 - 22:29:44 PST


By John Leyden
25th January 2007

Cisco released three security advisories on Wednesday designed to fix 
multiple vulnerabilities in its core Internetwork Operating System 
Software (IOS).

Worst of the trio is a "Crafted IP Option" vulnerability that creates a 
potential means for hackers to load hostile code onto a range of Cisco 
routers and switches running IOS. Attacks would have worked by sending 
certain ICMP, PIMv2, PGM or URD packets with a specific IP option set to 
a Cisco device, thereby causing the hardware to either crash or load in 
such a way that arbitrary code is executed. The flaw applies to most of 
the code base of IOS 12.0, 12.1 and 12.2.

The second vulnerability means that malformed TCP Packets can tie up the 
memory of vulnerable devices eventually causing them to crash. The third 
flaw also involves a denial of service risk, triggered by a packet 
containing crafted IPv6 Type 0 Routing headers.

Cisco Security Advisories and vulnerability notes provided information 
on patching and possible workarounds to address the flaws. Sys admins 
are strongly advised to review these detailed bulletins. More 
easily-digestible information is available in summaries from the 
Internet Storm Centre (here) [1] and US CERT (here) [2].

[1] http://isc.sans.org/diary.html?storyid=2097 
[2] http://www.us-cert.gov/current/current_activity.html#cisco0107

Subscribe to InfoSec News

This archive was generated by hypermail 2.1.3 : Thu Jan 25 2007 - 22:44:27 PST