Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Cisco Security Advisory TCP DoS InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cisco Security Advisory TCP DoS

Published: 2009-09-08
Last Updated: 2009-09-09 11:10:09 UTC
by Guy Bruneau (Version: 1)
1 comment(s)

ISC reader Kurt reported that Cisco has released an advisory affecting TCP State Manipulation which cause a Denial of Service that affect multiple Cisco Products. If an attacker send TCP connections forced into long-lived or indefinite state by preventing new TCP connections from being accepted, it could possibly cause a DoS indefinitely.

Additional information on the Cisco advisory is available here.

The following products are affected:

  • Cisco IOS-XE Software
  • Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 are affected if they are configure with specific features
  • The version of Cisco NX-OS Software that is running on Cisco Nexus 5000 and 7000 series devices
  • Scientific Atlanta customers are instructed to contact Scientific Atlanta's Technical Support for questions regarding the impact, mitigation and remediation of the vulnerabilities
  • Customers with Linksys products should contact Linksys security for questions regarding the impact, mitigation and remediation of the vulnerabilities

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

UPDATE

In addition to the Cisco advisory there is some additional information and response to the issue from other vendors here ==> https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html  - M

Keywords: Cisco DoS
1 comment(s)
Diary Archives