Cisco warns of more critical software holes

[InfoSec News <isn () c4i org>]

http://www.nwfusion.com/news/2004/0421ciscowarns.html

By Paul Roberts
IDG News Service
04/21/04

Cisco warned its customers about two critical security holes that
affect almost every product the company makes. The vulnerabilities
could be used by malicious hackers to create so-called "denial of
service" (DoS) attacks, causing Cisco products to abruptly restart or
drop active connections with other devices.

Cisco issued advisories on Tuesday, revealing the impact on the
company's products of a security hole in TCP (for IOS devices and
non-IOS devices) and another serious vulnerability in the company's
IOS that affects SNMP. The advisories are just the latest in a string
of security warnings from the San Jose network equipment maker.
 
Following warnings yesterday from the U.K.'s National Infrastructure
Security Co-Ordination Centre (NISCC) and the U.S. Computer Emergency
Readiness Team (US-CERT), Cisco issued two advisories regarding a
security vulnerability in the standard implementation of TCP.

Cisco is just one of a large number of software and hardware makers
that are affected by the TCP hole.

The TCP hole is found in all implementations of TCP that comply with
the Internet Engineering Task Force's TCP specification. By exploiting
the holes, malicious hackers could cause TCP sessions to end
prematurely, creating a DoS attack. The TCP vulnerability could also
disrupt communications among Internet routers by interrupting BGP
(Border Gateway Protocol) sessions that use TCP, NISCC said Tuesday.

In one advisory, Cisco published software updates for more than 47 of
the company's products that contain the TCP vulnerability but do not
use the IOS operating system.

Cisco issued a separate advisory listing updates for scores of
versions of the IOS operating system that are also affected by the TCP
hole and provided workaround instructions for customers who are unable
to update their operating system.

In a third advisory, Cisco said that it patched a flaw in the way
certain versions of IOS process SNMP traffic. The software
vulnerability, which was introduced by a coding error to fix an
earlier IOS problem, could cause memory on the Cisco devices running
IOS to be corrupted, forcing the affected device to restart
unexpectedly, Cisco said.

The company said it fixed the SNMP problem and published information
on updating IOS with new versions of the operating system.

US-CERT also issued a warning about the Cisco SNMP hole and advised
Cisco customers to upgrade their devices that use affected versions of
IOS.

The warnings are just the latest from Cisco, which has disclosed a
number of serious vulnerabilities in recent weeks, including a hole in
Cisco VPN hardware and software and in two products used to manage
wireless LANs and e-business services in corporate data centers.



_________________________________________
ISN mailing list
Sponsored by: OSVDB.org