Cisco Products TCP State Remote Denial of Service Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in various Cisco products, which could be exploited by remote attackers to cause a denial of service.
1. An error in the TCP protocol when handling the states of large numbers of established TCP connections, which could be exploited to exhaust all available system resources, creating a denial of service condition.
2. An error in Cisco NX-OS when receiving a specific sequence of TCP packets, which could be exploited to crash an affected device.
Impact
- Denial of Service
System / Technologies affected
- Cisco IOS versions 12.x
- Cisco IOS-XE versions 2.1.x
- Cisco IOS-XE versions 2.2.x
- Cisco CatOS versions 7.x
- Cisco CatOS versions 8.x
- Cisco ASA versions 7.x
- Cisco ASA version 8.0
- Cisco ASA version 8.1
- Cisco PIX versions 7.x
- Cisco PIX version 8.0
- Cisco PIX version 8.1
- Cisco NX-OS versions 4.x
- Cisco Nexus 5000
- Cisco Nexus 7000
Solutions
Before installing the software, please visit the software manufacturer's web site for more details.
Upgrade to fixed versions:
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
Users with contracts should obtain upgraded software through regular update channels. Most users can obtain upgrades via the Software Center on Cisco's Worldwide Web site at http://www.cisco.com/.
Users without contracts should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows:
+1 800 553 2447 (toll-free call within North America)
+1 408 526 7209 (toll call from elsewhere in the world)
E-mail: [email protected]
Vulnerability Identifier
Source
Related Link