Alert

Cisco IOS is Affected by Multiple Vulnerabilities

Last Revised
Alert Code
TA07-024A

Systems Affected

  • Cisco network devices running IOS in various configurations

Overview

Several vulnerabilities have been discovered in Cisco's Internet
Operating System (IOS). A remote attacker may be able to execute
arbitrary code on an affected device, cause an affected device to
reload the operating system, or cause other types of denial of service.

Description

Cisco has published three advisories describing flaws in IOS with
various security impacts, the most serious of which could allow a
remote attacker to execute arbitrary code on an affected system.
Further details are available in the following vulnerability
notes:

VU#217912 -
Cisco IOS fails to properly process TCP packets

The Cisco IOS Transmission Control Protocol listener in certain
versions of Cisco IOS software contains a memory leak. This memory
leak may allow an attacker to create a denial-of-service condition.

VU#341288 -
Cisco IOS fails to properly prcoess certain packets containing a
crafted IP option

A vulnerability exists in the way Cisco IOS processes a number of
different types of IPv4 packets containing a specially crafted IP
option. Successful exploitation of this vulnerability may allow an
attacker to execute arbitrary code on an affected device or create a
denial-of-service condition

VU#274760 -
Cisco IOS fails to properly process specially crafted IPv6 packets

Cisco IOS fails to properly process IPv6 packets with specially
crafted routing headers. Successful exploitation of this vulnerability
may allow an attacker to execute arbitrary code on an affected device
or create a denial-of-service condition.

Impact

Although the resulting impacts of these three vulnerabilities is
slightly different, in the case of VU#341288 and
VU#274760, a remote
attacker could cause an affected device to reload the operating
system. In some cases, this creates a secondary denial-of-service
condition because packets are not forwarded through the affected device
while it is reloading. Repeated exploitation of these vulnerabilites
may result in a sustained denial-of-service condition.

Because devices running IOS may transmit traffic for a number of other
networks, the secondary impacts of a denial of service may be
severe.

Also in the case of VU#341288 and VU#274760, successful
exploitation may allow a remote attacker to execute arbitrary code on
an affected device.

Solution

Upgrade to a fixed version of IOS

Cisco has updated versions of its IOS software to address these
vulnerabilities. Please refer to the "Software Versions and Fixes"
sections of the Cisco Security Advisories listed in the References section of this document for more
information on upgrading.

Workaround

Cisco has also published practical workarounds for these
vulnerabilities. Please refer to the "Workarounds" section of each
Cisco Security Advisory listed in the References section of this document for more
information.

Sites that are unable to install an upgraded version of IOS are
encouraged to implement these workarounds.



References


Revision History

  • January 24, 2007: Initial release

This product is provided subject to this Notification and this Privacy & Use policy.