[OCCAID] FW: US-CERT Technical Cyber Security Alert TA05-026A --
Multiple Denial-of-Service Vulnerabilities in Cisco IOS
James
james at towardex.com
Thu Jan 27 21:29:45 EST 2005
On Thu, Jan 27, 2005 at 04:27:24PM -0500, Tom McNeely wrote:
> Thankfully, OCCAID is not a Cisco Challenged Network[TM] ;>
Just because occaid isn't, doesn't mean people on this list aren't :)
Ed: Thanks for the notice btw!
-J (who is quite Cisco-challenged(tm) at edge bwahahha)
>
> Tom
>
> Edward A. Trdina III wrote:
>
> >Received this last night!
> >
> >Ed
> >
> >-----Original Message-----
> >From: "US-CERT Technical Alerts"<technical-alerts at us-cert.gov>
> >Sent: 1/26/05 6:00:43 PM
> >To: "technical-alerts at us-cert.gov"<technical-alerts at us-cert.gov>
> >Subject: US-CERT Technical Cyber Security Alert TA05-026A -- Multiple
> >Denial-of-Service Vulnerabilities in Cisco IOS
> >
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >
> > Technical Cyber Security Alert TA05-026A
> > Multiple Denial-of-Service Vulnerabilities in Cisco IOS
> >
> > Original release date: January 26, 2005
> > Last revised: --
> > Source: US-CERT
> >
> >Systems Affected
> >
> > * Cisco routers and switches running IOS in various configurations
> >
> >Overview
> >
> > Several denial-of-service vulnerabilities have been discovered in
> > Cisco's Internet Operating System (IOS). A remote attacker may be able
> > to cause an affected device to reload the operating system.
> >
> >I. Description
> >
> > Cisco has published three advisories describing flaws in IOS that
> > could allow a remote attacker to cause an affected device to reload.
> > Further details are available in the following vulnerability notes:
> >
> > VU#583638 - Cisco IOS contains DoS vulnerability in MPLS packet
> > processing
> >
> > The IOS implementation of Multi Protocol Label Switching (MPLS)
> > contains a vulnerability that allows malformed MPLS packets to cause
> > an affected device to reload. An unauthenticated attacker can send
> > these malformed packets on a local network segment that is connected
> > to a vulnerable device interface.
> >
> > VU#472582 - Cisco IOS IPv6 denial-of-service vulnerability
> >
> > A vulnerability in the way that IOS handles a sequence of specially
> > crafted IPv6 packets could cause an affected device to reload,
> > resulting in a denial of service. The vulnerability is exposed on both
> > physical interfaces (i.e., hardware interfaces), and logical
> > interfaces (i.e., software defined interfaces such as tunnels) that
> > are configured for IPv6.
> >
> > VU#689326 - Cisco IOS vulnerable to DoS via malformed BGP packet
> >
> > An IOS device that is enabled for Border Gateway Protocol (BGP) and
> > set up with the bgp log-neighbor-changes option is vulnerable to a
> > denial-of-service attack via a malformed BGP packet.
> >
> >II. Impact
> >
> > Although the underlying causes of these three vulnerabilities are
> > different, in each case a remote attacker could cause an affected
> > device to reload the operating system. This creates a
> > denial-of-service condition since packets are not forwarded through
> > the affected device while it is reloading. Repeated exploitation of
> > these vulnerabilities would result in a sustained denial-of-service
> > condition.
> >
> > Since devices running IOS may transit traffic for a number of other
> > networks, the secondary impacts of a denial of service may be severe.
> >
> >III. Solution
> >
> >Upgrade to a fixed version of IOS
> >
> > Cisco has updated versions of its IOS software to address these
> > vulnerabilities. Please refer to the "Software Versions and Fixes"
> > sections of the Cisco Security Advisories listed in Appendix A for
> > more information on upgrading.
> >
> >Workaround
> >
> > Cisco has also published practical workarounds for VU#689326 and
> > VU#583638. Please refer to the "Workarounds" section of each Cisco
> > Security Advisory listed in Appendix A for more information.
> >
> > Sites that are unable to install an upgraded version of IOS are
> > encouraged to implement these workarounds.
> >
> >Appendix A. References
> >
> > * Cisco Security Advisory: Crafted Packet Causes Reload on Cisco
> > Routers -
> > <http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml>
> > * Cisco Security Advisory: Multiple Crafted IPv6 Packets Cause
> > Reload -
> > <http://www.cisco.com/warp/public/707/cisco-sa-20050126-ipv6.shtml>
> > * Cisco Security Advisory: Cisco IOS Malformed BGP Packet Causes
> > Reload -
> > <http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml>
> > * US-CERT Vulnerability Note VU#583638 -
> > <http://www.kb.cert.org/vuls/id/583638>
> > * US-CERT Vulnerability Note VU#472582 -
> > <http://www.kb.cert.org/vuls/id/472582>
> > * US-CERT Vulnerability Note VU#689326 -
> > <http://www.kb.cert.org/vuls/id/689326>
> > _________________________________________________________________
> >
> > Feedback can be directed to the authors: Will Dormann, Chad Dougherty,
> > and Damon Morda
> > _________________________________________________________________
> >
> > This document is available from:
> > <http://www.us-cert.gov/cas/techalerts/TA05-026A.html>
> > _________________________________________________________________
> >
> > Copyright 2005 Carnegie Mellon University.
> > Terms of use: <http://www.us-cert.gov/legal.html>
> > _________________________________________________________________
> >
> > Revision History
> >
> > January 26, 2005: Initial release
> >
> >
> > Last updated January 26, 2005
> >
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v1.2.1 (GNU/Linux)
> >
> >-----END PGP SIGNATURE-----
> >
> >_______________________________________________
> >OCCAID Mailing List: http://www.occaid.org
> >schednetisr(NETISR_COFFEE); inq=&coffeebreak_intrq;
> >
> >Occaid at cnacs.occaid.org is the list posting address.
> >db-admin at cnacs.occaid.org is the human contact address.
> >See below URL for subscribe/unsubscribe and list options:
> >http://mailman.twdx.net/mailman/listinfo/occaid
> >
--
James Jun TowardEX Technologies, Inc.
Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and
james at towardex.com Network design/consulting & configuration services
cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
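
For readers triaging the forwarded alert, the following is an added example (not part of the thread or of the US-CERT/Cisco text) that scans a saved IOS running-config for two exposure conditions the alert names: `bgp log-neighbor-changes` under `router bgp` (VU#689326) and interfaces configured for IPv6, physical or logical (VU#472582). The sample config, the `triage` function and the list of logical-interface name prefixes are assumptions made for illustration; the check only sees `bgp log-neighbor-changes` when it is written explicitly in the config, and it does not cover the MPLS issue or IOS version matching, which need the Cisco advisories in Appendix A.

```python
import re

# Constructed sample running-config (not from the thread); all values are made up.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ipv6 address 2001:DB8:0:1::1/64
!
interface GigabitEthernet0/1
 ip address 198.51.100.1 255.255.255.0
!
interface Tunnel0
 ipv6 enable
 tunnel source GigabitEthernet0/0
!
router bgp 64512
 bgp log-neighbor-changes
 neighbor 192.0.2.2 remote-as 64513
!
"""

# Assumption: these name prefixes mark software-defined (logical) interfaces.
LOGICAL_PREFIXES = ("Tunnel", "Loopback", "Vlan", "Port-channel", "BVI", "Dialer")

def triage(config_text):
    """Return the TA05-026A exposure conditions found in one IOS config."""
    findings = {"bgp_log_neighbor_changes": False, "ipv6_interfaces": []}
    section = ""  # current top-level stanza, e.g. "interface Tunnel0"
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            continue
        if not raw.startswith(" "):  # a top-level command opens a new stanza
            section = line
            continue
        cmd = line.strip()
        if section.startswith("router bgp ") and cmd == "bgp log-neighbor-changes":
            findings["bgp_log_neighbor_changes"] = True  # VU#689326 condition
        elif section.startswith("interface ") and re.match(r"ipv6 (address|enable)\b", cmd):
            name = section.split(None, 1)[1]
            kind = "logical" if name.startswith(LOGICAL_PREFIXES) else "physical"
            if (name, kind) not in findings["ipv6_interfaces"]:
                findings["ipv6_interfaces"].append((name, kind))  # VU#472582 condition
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE_CONFIG))
```
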