Cisco cleans up: Numerous DoS vulnerabilities in IOS resolved
Cisco has published 12 advisories about security holes and vulnerabilities in its IOS router operating system and in Cisco Unified Communications Manager. Specially crafted L2TP, SCCP, MPLS and SIP packets can cause vulnerable devices to reboot, and Protocol Independent Multicast (PIM) packets can cause systems to freeze. There is also an operational flaw in several MPLS-based VPNs which can result in spurious packets being passed between VPNs, exposing information in the process.
Crashes can also occur when establishing an SSL connection with a Cisco device. Affected devices are those with an active web server or those which offer SSL VPN functionality. If IOS Firewall Application Inspection Control (AIC) is enabled, certain HTTP packets may also cause a system to freeze. The vendor reports that a similar problem also occurs in the IOS Intrusion Prevention System (IPS). Cisco Unified Communications Manager has also been found to contain two DoS vulnerabilities in its SIP implementation, allowing intruders to trigger system crashes using manipulated packets.
Attackers may gain complete control of Cisco uBR10012 devices because the SNMP configuration of these devices appears to have standard (default) communities enabled out of the box. Devices in the Cisco 10000, uBR10012 and uBR7200 series also appear to ship with a factory default that leaves a UDP port open for Inter-Process Communication (IPC), which allows the device to be crashed when certain packets are received.
Cisco has released updates for all the vulnerabilities. The vendor's original report contains details of which IOS versions are affected by these vulnerabilities and of the updates that resolve the problems.