Network gear maker Cisco Systems Inc. issued a bulletin on Wednesday detailing a vulnerability found in its routers and switches that run its operating system software, which could cause the network devices to crash.
According to Cisco, routers and switches configured to process Internet Protocol version 4 (IPv4) packets and running its IOS 11.x or 12.x software are at risk of denial of service (DoS) attacks.
Cisco explained that attackers can effectively trick routers into thinking their input queues (storage areas for incoming data) are full. Network administrators would be faced with a crashed router and would inevitably have to reboot the system to clear the queues.
According to a statement issued by Internet Systems Security (ISS), an Atlanta-based security software and services firm, the vulnerable platforms represent the vast majority of currently deployed Cisco devices. ISS also noted that attacks may be launched at specific targets or indiscriminately, causing widespread outages, and added that an attack is unlikely to be blocked by legacy firewall devices.
Cisco has issued a workaround to combat the problem. Registered users can find information using the Bug Toolkit at www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. Non-registered users can find details at www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml.
The company recommended that all IOS devices that process IPv4 packets be configured to block traffic directed to the router itself from any unauthorized source, using Access Control Lists (ACLs).
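The following configuration illustrates the kind of ACL the recommendation describes. It is an added example, not the advisory's own text or Cisco's published workaround: it assumes a router address of 198.51.100.1, a trusted management network of 192.0.2.0/24 (both RFC 5737 documentation ranges), and an IOS release that supports named extended ACLs.

```cisco
! Added example (not from the Cisco advisory): inbound ACL that blocks
! traffic addressed to the router itself unless it comes from a trusted
! source, while leaving transit traffic untouched.
! Assumed addresses (RFC 5737 documentation ranges):
!   198.51.100.1  - this router's own interface address
!   192.0.2.0/24  - the trusted management network
!
ip access-list extended PROTECT-ROUTER
 remark trusted management hosts may still reach the router itself
 permit ip 192.0.2.0 0.0.0.255 host 198.51.100.1
 remark everything else addressed to the router is dropped
 deny   ip any host 198.51.100.1
 remark transit traffic (not destined to the router) is unaffected
 permit ip any any
!
interface FastEthernet0/0
 ip access-group PROTECT-ROUTER in
```

Repeat the deny entry for every address configured on the device, including loopback interfaces, and apply the ACL inbound on each interface that faces untrusted networks; the match counters in `show access-lists` show whether the deny entry is being hit.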
So far, there have been no reported attacks related to the vulnerability. San Jose-based Cisco is online at www.cisco.com.