Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Flaw Found In Cisco IOS Devices

Posted by simoniker on from the uh-oh-spaghettios dept.

Joff_NZ writes "CERT has released an advisory regarding a serious flaw in all Cisco routers and switches which run IOS and process IPv4 packets (i.e. pretty much everything), which causes the device to stop processing inbound packets, and so: 'The device must be rebooted to clear the input queue on the interface, and will not reload without user intervention.' There are apparently no known exploits (yet), and Cisco have this advisory with a workaround and available fixes."

23 of 266 comments (clear)

  1. It's days like this... by Nethead · · Score: 5, Funny

    It's days like this I'm REALLY glad that I'm a unemployyed network engineer! This looks like a very serious headache!

    --
    -- I have a private email server in my basement.
    1. Re:It's days like this... by Anonymous Coward · · Score: 4, Funny

      Pfft, you're a "network engineer" just like I'm a "computer surgeon" and that guy over there is an "electronics astronaut".

  2. Alternative by rf0 · · Score: 4, Funny

    This is why I always suggest alternatives to Cisco such as IP over Avian and actual implementaion on Linux

    Rus

    --
    Cheap UK and US VPS
    1. Re:Alternative by mrbill · · Score: 3, Funny

      Yeah, but with IP over Avian Carriers, your "denial of service" is called "bubba with a shotgun".

    2. Re:Alternative by EvilTwinSkippy · · Score: 2, Funny

      Our facility tested it out, but concluded IPOA is for the birds.

      --
      "Learning is not compulsory... neither is survival."
      --Dr.W.Edwards Deming
  3. Re:Yet... by sleeper0 · · Score: 5, Funny

    Between this announcement and the microsoft one I know at least one of the fine readers out there has cancelled all of their appointments for the next three days and has a case of mountain dew and a copy of worms for dummies under their arm whistling happily.

  4. Re:Yet... by rf0 · · Score: 5, Funny

    I'm going to say an exploit by tommorow. End of the internet by Sat. All back to normal on Monday

    Rus

    --
    Cheap UK and US VPS
  5. Re:Yet... by Anonymous Coward · · Score: 3, Funny

    I call a book that can whistle pretty damn smart - knock off the 'dummies' stuff, mmkay?

  6. Re:Yet... by cscx · · Score: 4, Funny

    Yeah you would think more people would be using Juniper routers; however, I think they creepy-looking lady on their homepage is a deterrent.

  7. Latest news .... by Snoopy77 · · Score: 5, Funny

    While the army took time to celebrate the discover and safe return of Major Flaw it still maintained the need to continue the search for other missing top ranking officials. We spoke with a member of the search and recovery team soon after Major Flaw was discovered.

    "It is great to have found Major Flaw but we are still very worried about the others. Our job here is not finished." said Private Data.

    Colonel Panic has been spotted from time to time but the army has not yet been able to pinpoint his exact position. But the most gravest of fears are held for General Protection-Fault. Sightings of the General have been few and far between in the last few years. Some conspiracy theorists say that he is not actually missing but has disguised himself. Private Data would not confirm wether they are searching for a man of similar build to General Protection-Fault but dressed all in blue.

    --
    "She's a West Texas girl, just like me" - G.W Bush Iraqis
  8. Department of Homeland Security is interested! by dekashizl · · Score: 5, Funny

    This is actually good news for Cisco, because security holes like this appear to be a prerequisite for getting a large Department of Homeland Security contract.

  9. "A great disturbance..." by mino · · Score: 4, Funny

    "Like millions of sysadmins cried out in terror -- then were silenced."

  10. Re:Comcast has been having problems all day... by Anonymous Coward · · Score: 1, Funny
    Sick of your web host crashing? 100% guaranteed network uptime.
    ...until/unless a Cisco DDoS vulnerability is found...
  11. Let me see that flaw by Anonymous Coward · · Score: 1, Funny

    This thing right here
    Is lettin all the geeks know
    What CERT talks about
    You know
    The major flaws in hardware
    Hahaha
    Check it out

    Ooh dat packet so scandalous
    And ya know this router couldn't handle it
    See ya shakin that fist cause you paid for it
    With a look in ya eye so BOFHish

    Uh
    Ya liked it a lot till the processing stops
    And ya job was secure till da connection dropped
    No time to sleep you'll reboot a lot
    Cuz the router's completely loca

    The core dumps like a truck truck truck
    Admins like what the f^@%t
    Press the power butt butt butt
    Uh
    I think I need to reboot it again
    The core dumps like a truck truck truck
    Admins like what the f^@%t
    All night long
    Let me see that flaw

  12. Re:Yet... by bigberk · · Score: 3, Funny

    Where the hell did you find that? On my new big LCD monitor it looks like this lady is in the room right beside me. I'm not going to be able to sleep.

  13. Just filter out packets with the evil bit by AaronW · · Score: 5, Funny

    Why not just filter out all the packets with the evil bit set? This should fix the problem.

    --
    This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
  14. The cries of thousands of Cisco 827's by xQx · · Score: 3, Funny

    Wow, It's times like this I'm happy I'm not a sysadmin for a DSL service provider with heaps of customers with 827s around. ... oh wait.

    Boss. I'm at the pub.

  15. Dilbert by forged · · Score: 4, Funny
    Today's strip.

    Boss: Look what one of our engineers said to a reporter !
    Dogbert: (reading) "Our technology is putrid, but we compensate by ignoring complaints."
    Boss: You know what would be more fun than fixing those problems ?
    Dogbert: WITCH-HUNT !!!

  16. Re:Yet... by Jellybob · · Score: 1, Funny

    I'm scared.

    And I thought the ebay lady was a little weird... the juniper one looks like she knows where I live, and she's gonna come round and hack me to death when I least expect it.

  17. Re:Yet... by BadElf · · Score: 2, Funny

    Isn't that the gym teacher from Porky's?

  18. Re:and no posting of the exploit code? by dillkvast · · Score: 3, Funny

    what the hell do you call CiscoWorks???

    Today "CiscoWorks" would probably be a contradiction in terms.

    --
    Scitne aliquis remedium potimum crapulae?
  19. That would explain this e-mail. by ryanisflyboy · · Score: 1, Funny

    ------- Sent to ValueWeb customers -------
    ValueWeb has been informed by a number
    of our bandwidth providers (MCI, Sprint, and
    Level 3) that they will be undergoing maintenance
    that may cause widespread Internet slowness
    between 3:00 and 6:00 am EST, July 17th, 2003

  20. Re:Yet... by losmurfs · · Score: 3, Funny

    Just another example of using sex to sell products.