Saturday, October 5, 2013

Cisco IOS patched 10 DoS vulns

Cisco Systems issued 10 fixes for different flaws in its IOS software. While the manufacturer says hackers haven't been exploiting these vulnerabilities as of yet, now that the information is in the public sphere it is definitely a possibility. But detailed instructions are online from Cisco that detail fixes or workarounds for the Network Time Protocol (NTP), the Internet Key Exchange protocol, the dynamic Host Configuration Protocol (DHCP), the Resource Reservation Protocol (RSVP), the virtual fragmentation reassembly (VFR) feature for IP version 6 (IPv6), the Zone-Based Firewall (ZBFW) component, the T1/E1 driver queue and the Network Address Translation (NAT) function for Domain Name System), and Point-to-Point Tunnelling Protocol (PPTP). The patches were issued on last Wednesday as part of Cisco's ongoing program to release iOS security advisories on the fourth Wednesday of every March and September. Cisco recommends user to apply patches on earliest basis. <more>

No comments: