Cisco routers affected by security problems

If you’re new here, you may want to subscribe to my RSS feed.

Cisco Systems

Cisco the leading supplier of networking equipment & network management for the Internet has released a possibility of three vulnerabilities within its Internet Operating System. It is likely to cause a denial of service attack. However, to understand this you need to have an expertise level of understanding of all Cisco IOS software. These problems are categorized into three types.

TCP packet problem: A memory leak in certain versions of IOS could lead to a DOS attack, according to an advisory from the U.S. Computer Emergency Readiness Team.

IPv6 router header vulnerability: IOS can fail to properly process IPv6 (Internet Protocol version 6) packets with specially crafted routing heads, which could allow a DOS attack or the running of arbitrary code. IPv6 is a set of specifications that enables more IP addresses to be available on the Internet.

Crafted IP option vulnerability: This is a bug concerning how IOS processes IPv4 packets with a specially crafted IP option, CERT said. It could also enable a DOS attack or the running of arbitrary code.

This denial of service attack would let an unauthenticated user or a hacker to login to the affected switch router and may cause severe problems to it. It may even lead to a device to reload its OS. According to CERT a sustained DOS condition may be the end result since packets will not go through the device. The Cisco devices running IOS would transfer traffic to other networks and the secondary impacts of this denial of service will have an exacting effect.