July 11th, 2003, 12:01 PM
Cisco Switches Vulnerable to DoS
Cisco released a Security Advisory that a denial-of-service (DoS) condition exists that affects Catalyst 4000, 5000 and 6000 series swicthes running CatOS.
The advisory states that there is a software update available to fix the flaw for all affected customers.
After receiving eight TCP connection attempts using a non-standard TCP flags combination, a Catalyst switch will stop responding to further TCP connections to that particular service. In order to re-establish functionality of that service, the switch must be rebooted. There is no workaround. This vulnerability affects only CatOS. No other Cisco products are affected.
July 11th, 2003, 03:18 PM
It was a "headline" on my RSS feed this morning and doing a search on the threads here didn't reveal any previous posts on the subject so I thought I'd post the heads up.
If I'm late to the party I apologize.
July 11th, 2003, 04:22 PM
Thanks for the heads up. I am getting ready to patch my 8 switched at the office now.
Insert whitty tagline right here.
July 11th, 2003, 04:39 PM
I am patching mine too. You know what's funny??
Whenever a cisco vulerabilty is released we are all Ohhing and Ahhhing and worried. When MS or Norton or McAfee release a patch we are all "fkiing piece of sh@t, blah blah blah."
I just find in comical for today. Thanks TonyBradley, I am firing up that TFTP for some patching and backing up.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.