In association with heise online

22 August 2009, 02:04

Deadly pings for Cisco routers and switches

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A bug in the Firewall Services Module (FWSM) software allows Cisco routers and switches to be disabled by a series of crafted ICMP packets. Catalyst 6500 series switches and Cisco 7600 series routers equipped with a Firewall Services Module are affected. All FWSM software versions 2.x, 3.x and 4.x without the specific fix for this bug are vulnerable. In a security advisory, Cisco states that processing ICMP packets can lead a processor to use all available execution threads, with the result that the system will not forward any further packets. The FSWM itself is then no longer available remotely and, if configured for failover operation, the failover may also fail.

The command show np 2 stats can be used to determine whether the problem has previously occurred. If it has the error message "ERROR: np_logger_query request for FP Stats failed" is returned. The vendor does not suggest a workaround, but has made updated versions of the FWSM software available in which the problem does not occur.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit