Feeds

Unholy trio pose DDoS risk for Cisco kit

Malformed protocols flummox routers

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The software in many large networks needs to be updated following the discovery of multiple flaws in routers and switches running Cisco's IOS software.

Three security bugs, each involving the way Cisco's software processes particular protocols, could be used to reload affected devices. Repeating the trick would enable crackers to mount denial of service attacks against vulnerable Cisco-based networks.

Each of the flaws - involving the processing of malformed IPv6, BGP and MPLS packets - is separate, but each carries the same denial of service risk. BGP (Border Gateway Protocol) and MPLS (Multi-Protocol Label Switching) are both important protocols used to manage IP routing in large networks.

Links to free software upgrades, along with advice on suggested workarounds, can be found via a US-CERT advisory or on Cisco's website.

The announcement of the vulnerabilities marks the second significant security advisory batch by Cisco in as many days. Earlier this week the networking giant advised users of IP Telephony kit to patch systems following the discovery of a separate security risk. ®

Related stories

Cisco patches VoIP vuln
Cisco fixes 'decoy attack' in security software
Cisco beefs up IOS security

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
State Dept shuts off unclassified email after hack. Classified mail? That's CLASSIFIED
Classified systems 'not affected' - but, is this reconnaissance?
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.