Cisco warns over DNS glitch
Many products affected, overtime potential high
Posted in Data Networking, 26th May 2005 14:41 GMT
Free whitepaper – Fundamental Principles of Air Conditioners for Information Technology
Cisco is advising users of its IP telephony kit to update their software following the discovery of a flaw that might allow hackers to mount denial of service attacks. The bug, involving flaws in the processing of maliciously crafted DNS (Domain Name System) packets, also affects some of Cisco's content networking and secure router products.
The vulnerability is limited to Cisco products running DNS clients, rather than DNS Server functions, and creates a means for remote attackers to crash vulnerable devices, Cisco warns. Cisco has made a series of free software upgrades available to address the vulnerability. The scope of the vulnerability - and the number of products affected - promises to create a lot of work in Cisco shops, so users are advised to scope out remedial work sooner rather than later. More technical details (but not a list of affected vendors) can be found in a UK government UNIRAS alert here. ®
Related stories
Unholy trio pose DDoS risk for Cisco kit
Cisco patches VoIP vuln
Networks on yellow alert over ICMP flaw
Cisco source code theft part of 'mega-hack'

Analyst Keynote: The Register Agile Data Center Summit
Dell PowerEdge M710 with Dell EqualLogic storage vs. HP ProLiant BL685c with HP StorageWorks EVA 4400
Seven ways to optimize VMware server virtualization
The top 5 server monitoring battles

OCZ promising USB 3 desktop SSD
Fault tolerance in virtualised environments
EMC stages $100m international reorganisation
1,024 TV Re-Runs at 1.5GB/sec