http://www.informationweek.com/news/showArticle.jhtml?articleID=197005905 By Sharon Gaudin InformationWeek Feb 13, 2007 Cisco Systems announced on Tuesday that there are several vulnerabilities in the Intrusion Prevention System (IPS) feature set of its Internetwork Operating System (IOS). Fragmented IP packets may be used to evade signature inspection, according to a warning on Cisco's Web site [1]. It also warned that the IPS signatures utilizing the regular expression feature of the ATOMIC.TCP signature engine may cause a router to crash and resulting in a denial of service. Cisco's IOS is software used in a lot of its routers and current network switches. Four versions of Cisco IOS are vulnerable to the fragmented packet evasion vulnerability. They include Version 12.4, 12.4T, 12.4XE, and at least one release of 12.3T. Many of the IOS version releases are vulnerable to the ATOMIC.TCP regular expression denial of service flaw. An alert on the SANS Institute's Internet Storm Center recommends an upgrade of the IOS version. [1] http://www.cisco.com/warp/public/707/cisco-sa-20070213-iosips.shtml ______________________________________ Subscribe to the InfoSec News RSS Feed http://www.infosecnews.org/isn.rss
This archive was generated by hypermail 2.1.3 : Tue Feb 13 2007 - 22:43:13 PST