The Register® — Biting the hand that feeds IT

Cisco warns over DNS glitch

Many products affected, overtime potential high

Free whitepaper – Deploying high-density zones in a low-density data center

Cisco is advising users of its IP telephony kit to update their software following the discovery of a flaw that might allow hackers to mount denial of service attacks. The bug, involving flaws in the processing of maliciously crafted DNS (Domain Name System) packets, also affects some of Cisco's content networking and secure router products.

The vulnerability is limited to Cisco products running DNS clients, rather than DNS Server functions, and creates a means for remote attackers to crash vulnerable devices, Cisco warns. Cisco has made a series of free software upgrades available to address the vulnerability. The scope of the vulnerability - and the number of products affected - promises to create a lot of work in Cisco shops, so users are advised to scope out remedial work sooner rather than later. More technical details (but not a list of affected vendors) can be found in a UK government UNIRAS alert here. ®

Related stories

Unholy trio pose DDoS risk for Cisco kit
Cisco patches VoIP vuln
Networks on yellow alert over ICMP flaw
Cisco source code theft part of 'mega-hack'

Free whitepaper – Fundamental Principles of Air Conditioners for Information Technology

Don’t Miss

HP LogoHP shoots low with Lynnfield ProLiants

Plus Hyper-V bundles, new switch

VMware virtually crashes Windows 7 desktop party

Tempts Windows XP laggards

Neon SoftwarezPrime cost-cutting mainframeware gets traction

Neon chuffed, talking to DOJ and Brussels

UK2 dot NetDelays, password problems hit UK2 email restore

Sunday night = Monday night