Cisco warns products are carrying DoS vunerabilities

Cisco warns products are carrying DoS vunerabilities

The vendor has issued a public notice about confirmed vulnerabilities in several of its product series

A number of Cisco products are carrying denial of service (DoS) vulnerabilities which could result in system crashes.

According to a public advisory notice from the vendor, seven product ranges are susceptible to DoS attacks that manipulate the state of transmission control protocol (TCP) connections. Through these vulnerabilities, assailants can force a number of TCP connections to remain in a long-lived state indefinitely, consuming system resources and preventing new connections to be made.

According to the Cisco notice, this issue can sometimes be resolved with a reboot.

Cisco Nexus 5000 devices were flagged to have a TCP DoS opening that can crash a system through receiving a specific sequence of TCP packets.

Confirmed affected product lines are:

  • Cisco IOS Software
  • Cisco IOS-XE Software
  • Cisco IOS-XE Software
  • Cisco Adaptive Security Appliance (ASA) and Cisco PIX
  • Cisco NX-OS Software
  • Scientific Atlanta Products
  • Linksys Products

The vendor has released a free software update that addresses the problem, which can be found on Cisco’s website with workarounds available as well.

Cisco has also released a list of confirmed safe product lines:

  • Cisco IOS XR
  • Cisco IOS Software Modularity
  • Cisco ASA Software version 8.2
  • Cisco PIX Software version 6.x and earlier
  • Cisco Firewall Services Module (FWSM)
  • Cisco Multilayer Distribution Switches (MDS)
  • Cisco Application Control Engine (ACE) Modules and Appliances
  • Cisco ACE XML Gateway
  • Cisco Access Control Server (ACS) Solution Engine
  • Cisco Guard
  • Cisco Security Monitoring, Analysis, and Response System (CS-MARS)
  • Cisco ONS 15000
  • Cisco Content Services Switches (CSS)
  • Cisco Wide Area Application Services (WAAS)
  • Cisco Wireless LAN Controller (WLC)
  • IronPort C, M, S and X Series Appliances

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cisco

Show Comments