Feeds

Cisco warns over DNS glitch

Many products affected, overtime potential high

  • alert
  • submit to reddit

Remote control for virtualized desktops

Cisco is advising users of its IP telephony kit to update their software following the discovery of a flaw that might allow hackers to mount denial of service attacks. The bug, involving flaws in the processing of maliciously crafted DNS (Domain Name System) packets, also affects some of Cisco's content networking and secure router products.

The vulnerability is limited to Cisco products running DNS clients, rather than DNS Server functions, and creates a means for remote attackers to crash vulnerable devices, Cisco warns. Cisco has made a series of free software upgrades available to address the vulnerability. The scope of the vulnerability - and the number of products affected - promises to create a lot of work in Cisco shops, so users are advised to scope out remedial work sooner rather than later. More technical details (but not a list of affected vendors) can be found in a UK government UNIRAS alert here. ®

Related stories

Unholy trio pose DDoS risk for Cisco kit
Cisco patches VoIP vuln
Networks on yellow alert over ICMP flaw
Cisco source code theft part of 'mega-hack'

Intelligent flash storage arrays

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
DEATH by COMMENTS: WordPress XSS vuln is BIGGEST for YEARS
Trio of XSS turns attackers into admins
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.