Feeds

Cisco issues network security brown alert

Serious DoS risk

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Cisco warned last night of a potentially devastating flaw affecting a wide range of routers and switches.

The DoS vulnerability rises from a bug in Cisco's core IOS software and could cause vulnerable devices to stop processing inbound packets on receipt of maliciously constructed IPv4 packets. Normal service would be restored only with a manual reboot.

No alarms will be triggered, nor will the router reload to correct itself. Cisco IOS versions 11.x and 12.x prior to 12.3 are affected by the vulnerability. That means almost everybody is affected.

Indications are that there are no exploits for the bug as yet, however that's no reason for complacency. The flaw is just about as serious a security issue with networking equipment as one could imagine.

Cisco has issued an advisory with workarounds and available fixes, which network admins are strongly advised to promptly review. Security clearing house CERT has also issued an advisory on the problem. ®

Remote control for virtualized desktops

More from The Register

next story
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
Want to STUFF Facebook with blatant ADVERTISING? Fine! But you must PAY
Pony up or push off, Zuck tells social marketeers
The cloud that goes puff: Seagate Central home NAS woes
4TB of home storage is great, until you wake up to a dead device
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.