Several reported vulnerabilities in Cisco Systems Inc.'s products can be exploited to cause denial-of-service conditions on active Transmission Control Protocol (TCP) sessions.
The product flaws, confirmed in an update released by Cisco and classified as low risk in a Secunia advisory posted this morning, include:
The advisory said knowledge of IP address information of the source and destination of the TCP network connection is required for successful exploitation.
Only systems running VxWorks, a real-time operating system for embedded software and process control applications, are affected.
Systems running VxWorks can be upgraded to Cisco IOS to address this issue; access points running Cisco IOS are not affected.
The Cisco advisory recommends that users apply vendor-provided patches.