CERT-MU Vulnerability Note VN-2009-10
Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability
Original Issue Date: April 06, 2009
Severity Rating: High
Systems Affected
Cisco IOS and Cisco IOS XE devices configured to use any of the following features are affected:
- Airline Product Set (ALPS)
- Serial Tunnel Code (STUN) and Block Serial Tunnel Code (BSTUN)
- Native Client Interface Architecture support (NCIA)
- Data-link switching (DLSw)
- Remote Source-Route Bridging (RSRB)
- Point to Point Tunneling Protocol (PPTP)
- X.25 for Record Boundary Preservation (RBP)
- X.25 over TCP (XOT)
- X.25 Routing
Overview
Cisco IOS Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
Description
This vulnerability is due to an error in the Cisco IOS Software while handling malicious TCP packets. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted TCP packets to the target device to cause a reload. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition.
Solution
Use fixed version as suggested by vendor at:http://www.cisco.com/en/US/products/products_security_
advisory09186a0080a904cb.shtml
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Vendor Information
CISCO
http://www.cisco.com/en/US/products/products_security_
advisory09186a0080a904cb.shtml
CVE Name
CVE-2009-0629
References
Security Focus
http://www.securityfocus.com/bid/34238
Security Tracker
http://securitytracker.com/id?1021903
Secunia
http://secunia.com/advisories/34438
|
