Skip to content

customize
National Cyber Alert System
Technical Cyber Security Alert TA07-024A archive

Cisco IOS is Affected by Multiple Vulnerabilities

Original release date: January 24, 2007
Last revised: --
Source: US-CERT

Systems Affected

  • Cisco network devices running IOS in various configurations

Overview

Several vulnerabilities have been discovered in Cisco's Internet Operating System (IOS). A remote attacker may be able to execute arbitrary code on an affected device, cause an affected device to reload the operating system, or cause other types of denial of service.


I. Description

Cisco has published three advisories describing flaws in IOS with various security impacts, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Further details are available in the following vulnerability notes:

VU#217912 - Cisco IOS fails to properly process TCP packets

The Cisco IOS Transmission Control Protocol listener in certain versions of Cisco IOS software contains a memory leak. This memory leak may allow an attacker to create a denial-of-service condition.

VU#341288 - Cisco IOS fails to properly prcoess certain packets containing a crafted IP option

A vulnerability exists in the way Cisco IOS processes a number of different types of IPv4 packets containing a specially crafted IP option. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code on an affected device or create a denial-of-service condition

VU#274760 - Cisco IOS fails to properly process specially crafted IPv6 packets

Cisco IOS fails to properly process IPv6 packets with specially crafted routing headers. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code on an affected device or create a denial-of-service condition.


II. Impact

Although the resulting impacts of these three vulnerabilities is slightly different, in the case of VU#341288 and VU#274760, a remote attacker could cause an affected device to reload the operating system. In some cases, this creates a secondary denial-of-service condition because packets are not forwarded through the affected device while it is reloading. Repeated exploitation of these vulnerabilites may result in a sustained denial-of-service condition.

Because devices running IOS may transmit traffic for a number of other networks, the secondary impacts of a denial of service may be severe.

Also in the case of VU#341288 and VU#274760, successful exploitation may allow a remote attacker to execute arbitrary code on an affected device.


III. Solution

Upgrade to a fixed version of IOS

Cisco has updated versions of its IOS software to address these vulnerabilities. Please refer to the "Software Versions and Fixes" sections of the Cisco Security Advisories listed in the References section of this document for more information on upgrading.

Workaround

Cisco has also published practical workarounds for these vulnerabilities. Please refer to the "Workarounds" section of each Cisco Security Advisory listed in the References section of this document for more information.

Sites that are unable to install an upgraded version of IOS are encouraged to implement these workarounds.


IV. References



Feedback can be directed to US-CERT.


Produced 2007 by US-CERT, a government organization. Terms of use

Revision History

January 24, 2007: Initial release

Last updated January 24, 2007
print this document