Article

Cisco stamps patches on timestamp flaws

Amy Storer, News Writer

Several reported vulnerabilities in Cisco Systems Inc.'s products can be exploited to cause denial-of-service conditions on active Transmission Control Protocol (TCP) sessions.

The product flaws, confirmed in an update released by Cisco and classified as low risk in a Secunia advisory posted this morning, include:

Cisco Aironet 1200 Series Access Point

Cisco Aironet 350 Series Access Point

Cisco Content Services Switch 11000 Series (WebNS)

Cisco MGX 8200 Series Edge Concentrators

Cisco MGX 8800 Series Multiservice Switches

Cisco MGX 8900 Series Multiservice Switches

Cisco SN5400 Series Storage Routers

Requires Free Membership to View

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

For more information

Check out our white paper on managing Cisco network security.

Learn more about troubleshooting VPNs.

The vulnerability is caused due to a TCP timestamp option error. The flaws allow a remote user to send a packet with specially crafted TCP timestamp options, ultimately causing a target TCP connection to stall until the TCP connection is reset.
The advisory said knowledge of IP address information of the source and destination of the TCP network connection is required for successful exploitation.
Only systems running VxWorks, a real-time operating system for embedded software and process control applications, are affected.
Systems running VxWorks can be upgraded to Cisco IOS to address this issue; access points running Cisco IOS are not affected.
The Cisco advisory recommends that users apply vendor-provided patches.
Related Topics: Network Security Monitoring and Analysis, Troubleshooting Wireless Networks, WLAN Security, VIEW ALL TOPICS
More News and Tutorials
- Articles
  
  Hardware hit by multiple vulnerabilities
  
  Help with 2511 router configuration
  
  Working with date and timestamp in DB2
  
  Flaw hits Cisco IP Phones
  
  Can two VPN clients coexist?
- How can network security be audited?
  
  Can I push a policy ACL onto a Pocket PC
  
  Inside the UK's Security Assessment of the Transmission Control Protocol report
  
  Protect your firewall and set embryonic limits
  
  Detect events without Snort IDS rules
- Related glossary terms
  
  Terms for Whatis.com - the technology online dictionary
  
  darknet
  
  port mirroring (roving analysis port)
  
  firewall
  
  deep packet inspection (DPI)
  
  FCAPS (fault-management, configuration, accounting, performance, and security)
  
  blended threat
  
  Metasploit Project - Metasploit Framework
  
  Nessus
  
  netstat

Latest Headlines

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Guides

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Featured

Blogs

Cisco stamps patches on timestamp flaws

Requires Free Membership to View

More News and Tutorials

Articles

Related glossary terms

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

Latest News

More from Related TechTarget Sites