Cisco BGP DoS - Updates Galore!

Published: 2004-06-16
Last Updated: 2004-06-17 05:12:53 UTC
by Cory Altheide (Version: 1)
0 comment(s)
Cisco BGP DoS

Cisco released an advisory today announcing a denial-of-service vulnerability in their routers utilizing the BGP protocol. According to the advisory "unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet." Enabling md5 authentication to defend against the previous BGP/TCP vulnerabilities ( http://isc.sans.org/diary.php?date=2004-04-20 ) should be sufficient to mitigate the risk presented by this new vulnerability. Full details and links to updated software are available from Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml

Update: Local Linux Kernel DoS Fixed

The local denial-of-service vulnerability in the Linux kernel reported on the 14th ( http://isc.incidents.org/diary.php?date=2004-06-14 ) has been fixed in the newly released 2.6.7 kernel. Grab the patches from your nearest kernel.org mirror: http://www.kernel.org/mirrors/

Update: Akamai Press Release

Akamai has issued a press release to address the service outages (attributed to a DDoS - http://isc.incidents.org/diary.php?date=2004-06-15 ) which affected Akamai-hosted sites yesterday: http://www.akamai.com/en/html/about/press/press459.html

Continuing Report: Unpatched IE Vulnerabilities

This is ground that's been tread over and over again recently, but it bears repeating: We are continuing to receive reports of exploitation of unpatched vulnerabilities in Internet Explorer resulting in code execution and system compromise. Take whatever precautions you feel are necessary to avoid becoming a victim, and continue sending in detailed reports if and when you see these attacks in the wild.

----------------------

Cory Altheide

Handler on Duty
Keywords:
0 comment(s)

Comments


Diary Archives