News Stay informed about the latest enterprise technology news and product updates.

Cisco stamps patches on timestamp flaws

Cisco says updates are available to remedy vulnerabilities in its access points and other products that could enable denial-of-service conditions.

Several reported vulnerabilities in Cisco Systems Inc.'s products can be exploited to cause denial-of-service conditions on active Transmission Control Protocol (TCP) sessions.

The product flaws, confirmed in an update released by Cisco and classified as low risk in a Secunia advisory posted this morning, include:

  • Cisco Aironet 1200 Series Access Point
  • Cisco Aironet 350 Series Access Point
  • Cisco Content Services Switch 11000 Series (WebNS)
  • Cisco MGX 8200 Series Edge Concentrators
  • Cisco MGX 8800 Series Multiservice Switches
  • Cisco MGX 8900 Series Multiservice Switches
  • Cisco SN5400 Series Storage Routers

    For more information

    Check out our white paper on managing Cisco network security.

    Learn more about troubleshooting VPNs.

    The vulnerability is caused due to a TCP timestamp option error. The flaws allow a remote user to send a packet with specially crafted TCP timestamp options, ultimately causing a target TCP connection to stall until the TCP connection is reset.

    The advisory said knowledge of IP address information of the source and destination of the TCP network connection is required for successful exploitation.

    Only systems running VxWorks, a real-time operating system for embedded software and process control applications, are affected.

    Systems running VxWorks can be upgraded to Cisco IOS to address this issue; access points running Cisco IOS are not affected.

    The Cisco advisory recommends that users apply vendor-provided patches.

  • Dig Deeper on Network Security Monitoring and Analysis

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.