Denial of service vulnerabilities in Cisco products
Multiple network products from Cisco can be disabled by crafted network packets as a result of programming errors. Cisco's IOS router operating system contains a bug in the data link switching (DLSw) module. The result is that the system may restart, or may fill its memory with garbage, when processing crafted UDP packets or IP protocol 91 packets. This only happens if DLSw is activated – it is not activated by default.
A cryptographic library used in IOS, IOS XR, the PIX and ASA security appliances, the Firewall Services Module (FWSM) and Unified CallManager crashes when parsing ASN.1-encoded certificate fields. According to the CVE entry, this vulnerability lies in RSA's Crypto-C and Cert-C libraries and has been known about for two years.
In its advisories the vendor describes various workarounds, essentially aimed at limiting the availability of the affected services to trusted IP ranges. Cisco administrators should, however, where possible, install the updates.
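As an added illustration of the workaround the vendor describes (restricting the affected service to trusted IP ranges), the following IOS access list is example configuration written for this page, not taken from Cisco's advisory. It assumes the DLSw peers live in 192.0.2.0/24 (a constructed placeholder range) and uses DLSw's standard transport ports, TCP 2065 and UDP 2067, which the page itself does not name; IP protocol 91 (DLSw fast sequenced transport) is the one the page mentions. The interface name is likewise an assumption.

```cisco
! Example only: restrict DLSw traffic to trusted peers, drop it from everyone else.
! 192.0.2.0/24 is a placeholder for the real peer range; ports 2065/2067 are
! DLSw's usual TCP/UDP ports (an assumption here, not stated on the page).
ip access-list extended DLSW-PEERS
 remark --- allow DLSw only from trusted peers ---
 permit tcp 192.0.2.0 0.0.0.255 any eq 2065
 permit udp 192.0.2.0 0.0.0.255 any eq 2067
 permit 91  192.0.2.0 0.0.0.255 any
 remark --- drop DLSw from all other sources (log for detection) ---
 deny   tcp any any eq 2065 log
 deny   udp any any eq 2067 log
 deny   91  any any log
 remark --- everything else unchanged ---
 permit ip any any
!
! Apply inbound on the interface(s) facing untrusted networks (interface name assumed).
interface GigabitEthernet0/0
 ip access-group DLSW-PEERS in
```

The trailing `permit ip any any` keeps the list from blocking unrelated traffic, and the `log` keyword on the deny lines gives the operator a record of crafted or unexpected DLSw packets arriving from outside the peer range. The same pattern of permitting only trusted sources applies to the certificate-handling services affected by the crypto library bug; as the article notes, the access list is a stop-gap until the updates are installed.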
See also:
- Vulnerability In Crypto Library, Advisory from Cisco
- Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS, Advisory from Cisco
(trk)