Patch now to reduce denial-of-service threat

The UK’s National Infrastructure Security Co-ordination Centre (NISCC) has advised users to update their internet communications...

The UK’s National Infrastructure Security Co-ordination Centre (NISCC) has advised users to update their internet communications infrastructure to plug a denial of service vulnerability in major suppliers’ equipment.

Cisco, Juniper Networks and IBM have already admitted to the problem and have issued patches to prevent the threat, which can lead to organisations’ networks crashing from a remote denial-of-service attack.

The threat involves network routers not being able to handle internet traffic supported by the internet control message protocol (ICMP) and the transmission connection protocol (TCP). 

Hackers could use the protocols to launch a remote attack and crash networks, said the NISCC. The NISCC has rated the threat “medium to high”. 

Cisco equipment affected includes all router products running its Internetworking Operating System (IOS) and its PIX firewall products.

IBM’s AIX operating system is also vulnerable, as are some versions of Juniper’s JUNOS operating software running on its M-series and T-series routers.

Other companies’ products are believed to be affected by the vulnerability.

The NISCC advisory is available from: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en

Read more on IT risk management

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close