Cisco fixes IOS flaws
Attackers could exploit three Cisco IOS flaws to cause a denial of service or launch malicious code. The networking giant has released fixes.
The Cisco IOS Transmission Control Protocol (TCP) listener in certain versions of IOS software is vulnerable to a remotely-exploitable memory leak that may lead to a denial-of-service condition, according to the Crafted TCP Packet Can Cause Denial of Service advisory issued by Cisco.
A second denial-of-service flaw affects Cisco routers and switches running IOS or Cisco IOS XR software. Attackers could exploit the flaw after processing an Internet control message protocol (ICMP) packet, protocol independent multicast version 2 (PIMv2) packet; pragmatic general multicast (PGM) packet; or a URL rendezvous directory (URD) packet containing a specific crafted IP option in the packet's IP header.
"Exploitation of the vulnerability may potentially allow for arbitrary code execution," Cisco warned.
Attackers could also crash a device running IOS software by processing a specially crafted IPv6 Type 0 routing header, according to the IPv6 Routing Header Vulnerability advisory issued by Cisco.
The Cisco bulletins prompted the Bethesda, Md.-based SANS Internet Storm Center (ISC) to post an advisory on its Web site.
"If you run Cisco switches or routers in your network, we advise you to review these bulletins in detail and take mitigative action where required," the ISC said.
Read more on IT risk management
-
![]()
Cisco IOS XE instances still under attack, patch now
By: Alexander Culafi
-
![]()
Cisco hackers likely taking steps to avoid identification
By: Alex Scroxton
-
![]()
Cisco issues alert for zero-day vulnerability under attack
By: Arielle Waldman
-
![]()
Microsoft discloses wormable SMBv3 flaw without a patch
By: Alexander Culafi
