February 9, 2004

According to Cisco, Catalyst 6000 and 6500 switches and Cisco 7600 routers could freeze or reset if the device encounters a Layer 3 packet that is inconsistent in size with the Layer 2 frame encapsulating it.

A hardware vulnerability may cause some high-end Cisco Systems Inc. switches and routers with specific configurations to crash, but only under very specific circumstances.

To be affected, routers and switches must have a Multilayer Switch Feature Card 2 (MSFC2) with a FlexWAN or Optical Services Module (OSM). Equipment with a MSFC2 card running Cisco IOS Version 12.1(8b)E14, even without FlexWAN or OSM, are also vulnerable. Cisco CatOS software is not affected.

Cisco says that a Layer 2 frame crafted to have an inconsistent size with an encapsulated Layer 3 packet, and sent repeatedly to a vulnerable device, could bring down the switch or router. For this to happen, the packet must be routed in software — hardware-routed packets would not affect the device, Cisco says.

The vulnerability can only be corrected with a software upgrade. According to Cisco, only attack traffic sent from a node on an internal LAN could affect vulnerable switches or routers, since the specially-crafted packets would be corrected by non-vulnerable Layer 3 network devices before hitting a vulnerable switch or router.

Source: IT World Canada

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.