Cisco ships six fixes for DoS bugs

Happy Thursday, sysadmins

Sysadmins can get themselves ready for a busy Cisco “patch Thursday”, after the Borg lobbed six patches out the door to deal with a range of denial-of-service (DoS) vulnerabilities in IOS.

The vulnerabilities – see here for a single list – all carry a CVSS base score better than 7, as they are remotely exploitable without authentication. Most boil down to how various bits of IOS handle (or don't handle) malformed packets.

Taking them one-by-one:

  • SIP DoS in IOS – Some SIP messages, even though they'd be considered “well-formed”, can trigger a device reload. IOS XE Software releases 3.10.0S and 3.10.1S are affected and a fix is available.
  • Key exchange module – the Internet Key Exchange module, IKEv2, can be crashed with a malformed packet. Customers are advised to upgrade to a non-vulnerable version of IOS XE.
  • IOS NAT – Malformed DNS packets can crash the NAT in various IOS versions. Fixed versions are available.
  • IOS SSL VPNs – the SSL subsystem in IOS is vulnerable to crafted HTML requests “designed to consume memory to an affected device”. Various IOS 15.1, 15.2, 15.3 and 15.4 releases are affected, with fixes available.
  • IOS and IOS XE IPv6 stack – can be crashed with crafted IPv6 packets, with fixes available.
  • 7600 Switch Processor with 10 Gbps Ethernet uplinks – crafted IP packets can crash the Kailash FPGA in versions prior to 2.6, with fixes available.

Happy network patch day, network admins!®