Published: 2008-04-06T20:02+00:00    Last Updated: 2008-05-07T08:07+00:00

TRTA08-087B
Cisco Updates for Multiple Vulnerabilities

Overview

Cisco has released Cisco Security Advisory cisco-sa-20080326-bundle to correct multiple vulnerabilities affecting Cisco IOS. Attackers could exploit these vulnerabilities to access sensitive information or cause a denial of service.

Event Information

Date (UTC)Description
2008-03-27 20:05 US-CERT
TA08-087B: Cisco Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
Cisco has released Cisco Security Advisory cisco-sa-20080326-bundle to correct multiple vulnerabilities affecting Cisco IOS. Attackers could exploit these vulnerabilities to access sensitive information or cause a denial of service.
2008-03-27 13:25 SANS Internet Storm Center
Cisco security advisory overview
Cisco released today its first combined six-monthly batch of security advisories.
2008-03-26 16:00 Cisco
cisco-sa-20080326-pptp: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability
Via Cisco Security Mailing List
Two vulnerabilities exist in the virtual private dial-up network (VPDN) solution when Point-to-Point Tunneling Protocol (PPTP) is used in certain Cisco IOS releases prior to 12.3. PPTP is only one of the supported tunneling protocols used to tunnel PPP frames within the VPDN solution. The first vulnerability is a memory leak that occurs as a result of PPTP session termination. The second vulnerability may consume all interface descriptor blocks on the affected device because those devices will not reuse virtual access interfaces. If these vulnerabilities are repeatedly exploited, the memory and/or interface resources of the attacked device may be depleted.
2008-03-26 16:00 Cisco
cisco-sa-20080326-mvpn: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
Via Cisco Security Mailing List
A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is subject to exploitation that can allow a malicious user to create extra multicast states on the core routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual Private Networks (VPN) by sending specially crafted messages.
2008-03-26 16:00 Cisco
cisco-sa-20080326-queue: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720
Via Cisco Security Mailing List
Certain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from entering an affected interface. For a device to be vulnerable, it must be configured for Open Shortest Path First (OSPF) Sham-Link and Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN). This vulnerability only affects Cisco Catalyst 6500 Series or Catalyst 7600 Series devices with the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720) or Route Switch Processor 720 (RSP720) modules. The Supervisor 32, Supervisor 720, Supervisor 720-3B, Supervisor 720-3BXL, Route Switch Processor 720, Route Switch Processor 720-3C, and Route Switch Processor 720-3CXL are all potentially vulnerable.
2008-03-26 16:00 Cisco
cisco-sa-20080326-dlsw: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS
Via Cisco Security Mailing List
Cisco IOS contains multiple vulnerabilities in the Data-link Switching (DLSw) feature that may result in a reload or memory leaks when processing specially crafted UDP or IP Protocol 91 packets.
2008-03-26 16:00 Cisco
cisco-sa-20080326-IPv4IPv6: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers
Via Cisco Security Mailing List
A device running Cisco IOS software that has Internet Protocol version 6 (IPv6) enabled may be subject to a denial of service (DoS) attack. For the device to be affected by this vulnerability the device also has to have certain Internet Protocol version 4 (IPv4) User Datagram Protocol (UDP) services enabled. To exploit this vulnerability an offending IPv6 packet must be targeted to the device. Packets that are routed throughout the router can not trigger this vulnerability. Successful exploitation will prevent the interface from receiving any additional traffic. The only exception is Resource Reservation Protocol (RSVP) service, which if exploited, will cause the device to crash. Only the interface on which the vulnerability was exploited will be affected.
2008-03-26 16:00 Cisco
cisco-sa-20080326-bundle: Combined IOS Table for March 26, 2008, Security Advisory Bundle
The March 26, 2008, publication includes five Security Advisories. The Advisories all affect Cisco IOS. Each Advisory lists the releases that correct the vulnerability described in the Advisory, and the Advisories also detail the releases that correct the vulnerabilities in all five Advisories.
2008-03-26 12:14 US-CERT
Cisco Releases Security Advisories
US-CERT Current Activity
Cisco has released five security advisories to address multiple vulnerabilities in Cisco IOS. These vulnerabilities may allow a remote, unauthenticated attacker to cause a denial-of-service condition on the affected device.