Cisco Security Advisory: Cisco Ios Malformed Ospf

Full Version: Cisco Security Advisory: Cisco Ios Malformed Ospf

GovernmentSecurity.org > System Security > Networking Security / Firewall / IDS / VPN / Routers

buzzons

Aug 18 2004, 10:02 PM

QUOTE

Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload
Document ID: 61365
Revision 1.0
For Public Release 2004 August 18 15:00 UTC (GMT)

QUOTE

Summary

A Cisco device running Internetwork Operating System (IOS) ® and enabled for the Open Shortest Path First (OSPF) protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default.

The vulnerability is only present in Cisco IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines, and all Cisco IOS images prior to 12.0 are not affected.

Cisco has made free software available to address this vulnerability.

There are workarounds available to mitigate the effects.

This advisory is available at http://www.cisco.com/warp/public/707/cisco...0818-ospf.shtml.

Kynroxes

Aug 18 2004, 11:08 PM

yeah tks for informations always important in order to study the issue ...

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.