Security flaw in Cisco Catalyst 6000 & 6500 switches
February 9, 2004
According to Cisco, Catalyst 6000 and 6500 switches and Cisco 7600 routers could freeze or reset if the device encounters a Layer 3 packet that is inconsistent in size with the Layer 2 frame encapsulating it.
A hardware vulnerability may cause some high-end Cisco Systems Inc. switches and routers with specific configurations to crash, but only under very specific circumstances.
To be affected, routers and switches must have a Multilayer Switch Feature Card 2 (MSFC2) with a FlexWAN or Optical Services Module (OSM). Equipment with a MSFC2 card running Cisco IOS Version 12.1(8b)E14, even without FlexWAN or OSM, are also vulnerable. Cisco CatOS software is not affected.
Cisco says that a Layer 2 frame crafted to have an inconsistent size with an encapsulated Layer 3 packet, and sent repeatedly to a vulnerable device, could bring down the switch or router. For this to happen, the packet must be routed in software — hardware-routed packets would not affect the device, Cisco says.
The vulnerability can only be corrected with a software upgrade. According to Cisco, only attack traffic sent from a node on an internal LAN could affect vulnerable switches or routers, since the specially-crafted packets would be corrected by non-vulnerable Layer 3 network devices before hitting a vulnerable switch or router.
Source: IT World Canada
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing