CERT-In Vulnerability Note CIVN-2009-43
Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability
Original Issue Date: April 06, 2009
Severity Rating: High
Systems Affected
Cisco IOS and Cisco IOS XE devices configured to use any of the following features are affected:
- Airline Product Set (ALPS)
- Serial Tunnel Code (STUN) and Block Serial Tunnel Code (BSTUN)
- Native Client Interface Architecture support (NCIA)
- Data-link switching (DLSw)
- Remote Source-Route Bridging (RSRB)
- Point to Point Tunneling Protocol (PPTP)
- X.25 for Record Boundary Preservation (RBP)
- X.25 over TCP (XOT)
- X.25 Routing
Overview
Cisco IOS Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
Description
This vulnerability is due to an error in the Cisco IOS Software while handling malicious TCP packets. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted TCP packets to the target device to cause a reload. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition.
Solutions
Use the fixed version as suggested by the vendor at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml
Vendor Information
CISCO
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml
References
Security Focus
http://www.securityfocus.com/bid/34238
Security Tracker
http://securitytracker.com/id?1021903
Secunia
http://secunia.com/advisories/34438
CVE Name
CVE-2009-0629
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
