Webmaster rambling and mental notes
Home | Profile | Archives | Friends
Cisco Confirms Regex Flaw in IOS
9/16/2007

Gattaca writes "Cisco has announced a confirmation of an unpatched denial of service vulnerability in Cisco IOS. From the NetPro Forum post: 'I have just discovered a regular expression that crashes the router. I suspect the error is because of division by zero. Since I work for the Enterprise, I do not have direct access to TAC. Please somebody report this to Cisco. I have tested it on ranges of routers (2611, 2821, 2851, 7206) and IOSes (12.0-12.4). All routers crashed with some type of BUS ERROR. Command can be issued in user mode, therefore I think it can be considered as vulnerability to potentially cause DOS.'" Of course, the command has to be entered in user mode, so while potentially a vulnerability, chances are your local IOS-based router won't be DoSed via the bug any time soon.

Read more of this story at Slashdot.


More: - The rest...

Mark

Share |
(Posted in Nerd)
Share and enjoy
  • Digg
  • del.icio.us
  • blinkbits
  • BlinkList
  • BlogMemes
  • blogmarks
  • DZone
  • Fark
  • Furl
  • Netvouz
  • NewsVine
  • Reddit
  • Slashdot
  • Smarking
  • Spurl
  • StumbleUpon
  • Taggly
  • Technorati
  • YahooMyWeb
Post Comment

Notify me of followup comments via e-mail.

Entry 1 of 6209
Last Page | Next Page