AOH :: ISNQ3627.HTM

Cisco Warns Of Multiple IOS Vulnerabilities




Cisco Warns Of Multiple IOS Vulnerabilities
Cisco Warns Of Multiple IOS Vulnerabilities



http://www.informationweek.com/news/showArticle.jhtml?articleID=197005905 

By Sharon Gaudin
InformationWeek
Feb 13, 2007 

Cisco Systems announced on Tuesday that there are several 
vulnerabilities in the Intrusion Prevention System (IPS) feature set of 
its Internetwork Operating System (IOS).

Fragmented IP packets may be used to evade signature inspection, 
according to a warning on Cisco's Web site [1]. It also warned that the 
IPS signatures utilizing the regular expression feature of the 
ATOMIC.TCP signature engine may cause a router to crash and resulting in 
a denial of service.

Cisco's IOS is software used in a lot of its routers and current network 
switches.

Four versions of Cisco IOS are vulnerable to the fragmented packet 
evasion vulnerability. They include Version 12.4, 12.4T, 12.4XE, and at 
least one release of 12.3T. Many of the IOS version releases are 
vulnerable to the ATOMIC.TCP regular expression denial of service flaw.

An alert on the SANS Institute's Internet Storm Center recommends an 
upgrade of the IOS version.

[1] http://www.cisco.com/warp/public/707/cisco-sa-20070213-iosips.shtml 


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss 

Site design & layout copyright © 1986-2014 CodeGods