[GTER] Fw: CERT Advisory CA-2003-15 Cisco IOS Interface Blocked by IPv4 Packet
doc at n3tworkz.com
Thu Jul 17 01:51:35 -03 2003
Last one... this one came from CERT
Regards,
luiz eduardo
doc at n3tworkz.com http://www.n3tworkz.com
----- Original Message -----
From: "CERT Advisory" <cert-advisory at cert.org>
To: <cert-advisory at cert.org>
Sent: Wednesday, July 16, 2003 9:11 PM
Subject: CERT Advisory CA-2003-15 Cisco IOS Interface Blocked by IPv4 Packet
:
:
: -----BEGIN PGP SIGNED MESSAGE-----
:
: CERT Advisory CA-2003-15 Cisco IOS Interface Blocked by IPv4 Packet
:
: Original release date: July 16, 2003
: Last revised: --
: Source: CERT/CC
:
: A complete revision history can be found at the end of this file.
:
: Systems Affected
:
: * All Cisco devices running Cisco IOS software and configured to
: process Internet Protocol version 4 (IPv4) packets
:
: Overview
:
: A vulnerability in many versions of Cisco IOS could allow an intruder
: to execute a denial-of-service attack against a vulnerable device.
:
: I. Description
:
: Cisco IOS is a very widely deployed network operating system. A
: vulnerability in IOS could allow an intruder to execute a
: denial-of-service attack against an affected device. Cisco has
: published an advisory on this topic, available at
: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml
: We strongly encourage sites using IOS to read this document and take
: appropriate action.
:
: The CERT/CC is tracking this issue as VU#411332. This reference number
: corresponds to CVE candidate CAN-2003-0567.
:
: II. Impact
:
: By sending specially crafted IPv4 packets to an interface on a
: vulnerable device, an intruder can cause the device to stop processing
: packets destined to that interface. Quoting from Cisco's advisory:
:
: "A device receiving these specifically crafted IPv4 packets will force
: the inbound interface to stop processing traffic. The device may stop
: processing packets destined to the router, including routing protocol
: packets and ARP packets. No alarms will be triggered, nor will the
: router reload to correct itself. This issue can affect all Cisco
: devices running Cisco IOS software. This vulnerability may be
: exercised repeatedly resulting in loss of availability until a
: workaround has been applied or the device has been upgraded to a fixed
: version of code."
:
: III. Solution
:
: Apply a patch from Cisco
:
: Apply a patch as described in Cisco's Advisory.
:
: Until a patch can be applied, you can mitigate the risks presented by
: this vulnerability by judicious use of access control lists (ACLs).
: The correct use of ACLs depends on your network topology.
: Additionally, ACLs may degrade performance on some systems. We
: recommend reviewing the following before applying ACLs:
:
: http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml#workarounds
: http://www.cisco.com/warp/public/707/racl.html
: http://www.cisco.com/warp/public/707/iacl.html
: _________________________________________________________________
:
: The CERT Coordination Center thanks Cisco Systems for notifying us
: about this problem and for helping us to construct this advisory.
: _________________________________________________________________
:
: Feedback about this advisory may be directed to the author, Shawn
: Hernan
: ______________________________________________________________________
:
: This document is available from:
: http://www.cert.org/advisories/CA-2003-15.html
: ______________________________________________________________________
:
: CERT/CC Contact Information
:
: Email: cert at cert.org
: Phone: +1 412-268-7090 (24-hour hotline)
: Fax: +1 412-268-6989
: Postal address:
: CERT Coordination Center
: Software Engineering Institute
: Carnegie Mellon University
: Pittsburgh PA 15213-3890
: U.S.A.
:
: CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /
: EDT(GMT-4) Monday through Friday; they are on call for emergencies
: during other hours, on U.S. holidays, and on weekends.
:
: Using encryption
:
: We strongly urge you to encrypt sensitive information sent by email.
: Our public PGP key is available from
: http://www.cert.org/CERT_PGP.key
:
: If you prefer to use DES, please call the CERT hotline for more
: information.
:
: Getting security information
:
: CERT publications and other security information are available from
: our web site
: http://www.cert.org/
:
: To subscribe to the CERT mailing list for advisories and bulletins,
: send email to majordomo at cert.org. Please include in the body of your
: message
:
: subscribe cert-advisory
:
: * "CERT" and "CERT Coordination Center" are registered in the U.S.
: Patent and Trademark Office.
: ______________________________________________________________________
:
: NO WARRANTY
: Any material furnished by Carnegie Mellon University and the Software
: Engineering Institute is furnished on an "as is" basis. Carnegie
: Mellon University makes no warranties of any kind, either expressed or
: implied as to any matter including, but not limited to, warranty of
: fitness for a particular purpose or merchantability, exclusivity or
: results obtained from use of the material. Carnegie Mellon University
: does not make any warranty of any kind with respect to freedom from
: patent, trademark, or copyright infringement.
: _________________________________________________________________
:
: Conditions for use, disclaimers, and sponsorship information
:
: Copyright 2003 Carnegie Mellon University.
:
: Revision History
: July 16, 2003: Initial release
: