Skip navigation
Menu
Security

Denial of Service in Cisco IOS - 17 Jul 2003

Reported July 16, 2003, by Cisco Systems.

VERSIONS AFFECTED

All Cisco products that run IOS and IPv4

DESCRIPTION

Cisco reported a Denial of Service (DoS) condition in its IOS software that occurs when the software is configured to use IP version 4 (IPv4). A sequence of specially crafted IPv4 packets can cause the input interface to stop processing traffic when the input queue is full, thereby causing the router to stop processing inbound traffic.

One Ethernet interfaces the Address Resolution Protocol (ARP) times out after a certain period, which is 4 hours by default. A malicious user can conduct an attack against all interfaces, at which point the router becomes remotely inaccessible. Rebooting the router can clear the problem; however, user intervention is necessary.

VENDOR RESPONSE

Cisco has made new IOS software code available. The company said, "Customers with contracts should obtain upgraded software free of charge through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on the Cisco worldwide Web site at http://www.cisco.com/tacpage/sw-center/sw-ios.html.

"Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with obtaining the free software upgrade(s).

"Customers who purchase directly from Cisco but who don't hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are 408-526-7209, 800-553-2447, or [email protected].

"Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

"Please do not contact either "[email protected]" or "[email protected]" for software upgrades.

"See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers, instructions, and email addresses for use in various languages."

More information is available, including workaround information, in the bulletin at Cisco's Web site.

CREDIT

Discovered by Cisco Systems.


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
a digital padlock icon with multiple colors
Cybersecurity Workforce Sustainability Has a Problem. DEI Could Be the Solution.
May 06, 2024
the word acronym spelled out with wooden pieces
Cybersecurity Acronyms Cheat Sheet
May 06, 2024
clinician securely sharing sensitive healthcare data across mobile devices and medical practices
How to Ensure Data Protection, IT Security, and Compliance in Life Sciences
Apr 30, 2024
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024