Cisco stamps patches on timestamp flaws

Cisco says updates are available to remedy vulnerabilities in its access points and other products that could enable denial-of-service conditions.

Several reported vulnerabilities in Cisco Systems Inc.'s products can be exploited to cause denial-of-service conditions on active Transmission Control Protocol (TCP) sessions.

The product flaws, confirmed in an update released by Cisco and classified as low risk in a Secunia advisory posted this morning, include:

  • Cisco Aironet 1200 Series Access Point
  • Cisco Aironet 350 Series Access Point
  • Cisco Content Services Switch 11000 Series (WebNS)
  • Cisco MGX 8200 Series Edge Concentrators
  • Cisco MGX 8800 Series Multiservice Switches
  • Cisco MGX 8900 Series Multiservice Switches
  • Cisco SN5400 Series Storage Routers

    For more information

    Check out our white paper on managing Cisco network security.

    Learn more about troubleshooting VPNs.

    The vulnerability is caused due to a TCP timestamp option error. The flaws allow a remote user to send a packet with specially crafted TCP timestamp options, ultimately causing a target TCP connection to stall until the TCP connection is reset.

    The advisory said knowledge of IP address information of the source and destination of the TCP network connection is required for successful exploitation.

    Only systems running VxWorks, a real-time operating system for embedded software and process control applications, are affected.

    Systems running VxWorks can be upgraded to Cisco IOS to address this issue; access points running Cisco IOS are not affected.

    The Cisco advisory recommends that users apply vendor-provided patches.

  • This Content Component encountered an error

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchSDN

    SearchEnterpriseWAN

    SearchUnifiedCommunications

    SearchMobileComputing

    SearchDataCenter

    SearchITChannel

    Close