Information Security News mailing list archives
Patch now to reduce denial-of-service threat
From: InfoSec News <isn () c4i org>
Date: Thu, 14 Apr 2005 07:55:57 -0500 (CDT)
http://www.computerweekly.com/articles/article.asp?liArticleID=137910 By Antony Savvas 14 April 2005 The UK's National Infrastructure Security Co-ordination Centre (NISCC) has advised users to update their internet communications infrastructure to plug a denial of service vulnerability in major suppliers' equipment. Cisco, Juniper Networks and IBM have already admitted to the problem and have issued patches to prevent the threat, which can lead to organisations' networks crashing from a remote denial-of-service attack. The threat involves network routers not being able to handle internet traffic supported by the internet control message protocol (ICMP) and the transmission connection protocol (TCP). Hackers could use the protocols to launch a remote attack and crash networks, said the NISCC. The NISCC has rated the threat "medium to high". Cisco equipment affected includes all router products running its Internetworking Operating System (IOS) and its PIX firewall products. IBM's AIX operating system is also vulnerable, as are some versions of Juniper's JUNOS operating software running on its M-series and T-series routers. Other companies' products are believed to be affected by the vulnerability. The NISCC advisory is available from: http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en _________________________________________ Network Security - http://www.auditmypc.com Free vulnerability test - How secure is your computer?
Current thread:
- Patch now to reduce denial-of-service threat InfoSec News (Apr 14)