Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco Confirms Regex Flaw in IOS

Posted by CowboyNeal on from the does-not-compute dept.

gattaca writes "Cisco has announced a confirmation of an unpatched denial of service vulnerability in Cisco IOS. From the NetPro Forum post: 'I have just discovered a regular expression that crashes the router. I suspect the error is because of division by zero. Since I work for the Enterprise, I do not have direct access to TAC. Please somebody report this to Cisco. I have tested it on ranges of routers (2611, 2821, 2851, 7206) and IOSes (12.0-12.4). All routers crashed with some type of BUS ERROR. Command can be issued in user mode, therefore I think it can be considered as vulnerability to potentially cause DOS.'" Of course, the command has to be entered in user mode, so while potentially a vulnerability, chances are your local IOS-based router won't be DoSed via the bug any time soon.

7 of 61 comments (clear)

  1. Re:does it could as denial of service by blantonl · · Score: 4, Funny

    It only if works you authenticated are router to the.

    --
    Lindsay Blanton
    RadioReference.com
  2. Then don't do that by Anonymous Coward · · Score: 2, Funny

    FTA: "I have just discovered a regular expression that crashes the router. I suspect the error is because of division by zero."

    Reminds me of:

    Patient: "My arm hurts when I do this." <wiggles arm>
    Doctor: "Then don't do that."

    The solution is obvious: don't use that regex/divide by zero. Duhhhh. Problem solved. Thank you, come again.

  3. A bigger IOS flaw discovered by packetmon · · Score: 5, Funny
    A bigger vulnerability has been discovered just now as well...

    r8#sh ver | in IOS
    IOS (tm) C2600 Software (C2600-IO3-M), Version 12.2(15)T2, RELEASE SOFTWARE (fc2)
    r8#reload
    Proceed with reload? [confirm]
    Seems like anyone with admin access can reload your router.

    IOS (tm) 4500 Software (C4500-A3JK9S-M), Version 12.2(40a), RELEASE SOFTWARE (fc1)
    frSwitch#reload
    Proceed with reload? [confirm]
    Confirmed on multiple routers as well! OMFG. On another note, anyone with local access to the router can power down the router causing a massive denial of service. Our admins here at GoodyTwoShoesNetworking.com are placing epoxy across all power buttons and cables to prevent this
    --
    Infiltrated dot Net
  4. Re:does it could as denial of service by packetmon · · Score: 2, Funny

    so means that you're not if authenticated router to the can't it do to crash a cause?

    --
    Infiltrated dot Net
  5. The Enterprise by AntEater · · Score: 4, Funny

    "Since I work for the Enterprise, I do not have direct access to TAC. "

    Yes, Capt. Kirk can be very protective of the TAC.

    --
    Alex, I'll take keybindings not used by Emacs for $400....
  6. Re:RegEx's are incredibly dangerous by Anonymous Coward · · Score: 1, Funny
    Is it as dangerous as say... This:

    lynx -dump http://linux.slashdot.org/article.pl?sid=04/11/03/0358246|awk '/Shootout/{gsub(/'\''/,"");print $2,$3,$4}'|uniq|sh
    I wouldn't run that as root if I were you
  7. Re:Not a surprise by Algorithmnast · · Score: 3, Funny

    Dividing by zero screws everything up. Even Windows Calc, one of the most advanced pieces of software on the planet, can't do it.

    As it happens, I can divide by zero, but only when I try to figure out the inverse of the percentage of well-spent money from my tax dollars.

    Or perhaps, the ratio of posts to informational-posts.

    After all, Godwin needs revision - to paraphrase "A Beautiful Mind".