Cisco BGP DoS - Updates Galore!

Published: 2004-06-16
Last Updated: 2004-06-17 05:12:53 UTC
by Cory Altheide (Version: 1)
0 comment(s)
Cisco BGP DoS

Cisco released an advisory today announcing a denial-of-service vulnerability in their routers utilizing the BGP protocol. According to the advisory "unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet." Enabling md5 authentication to defend against the previous BGP/TCP vulnerabilities ( ) should be sufficient to mitigate the risk presented by this new vulnerability. Full details and links to updated software are available from Cisco:

Update: Local Linux Kernel DoS Fixed

The local denial-of-service vulnerability in the Linux kernel reported on the 14th ( ) has been fixed in the newly released 2.6.7 kernel. Grab the patches from your nearest mirror:

Update: Akamai Press Release

Akamai has issued a press release to address the service outages (attributed to a DDoS - ) which affected Akamai-hosted sites yesterday:

Continuing Report: Unpatched IE Vulnerabilities

This is ground that's been tread over and over again recently, but it bears repeating: We are continuing to receive reports of exploitation of unpatched vulnerabilities in Internet Explorer resulting in code execution and system compromise. Take whatever precautions you feel are necessary to avoid becoming a victim, and continue sending in detailed reports if and when you see these attacks in the wild.


Cory Altheide

Handler on Duty
0 comment(s)


Diary Archives