Slashdot Mirror


Cisco Confirms Regex Flaw in IOS

gattaca writes "Cisco has announced a confirmation of an unpatched denial of service vulnerability in Cisco IOS. From the NetPro Forum post: 'I have just discovered a regular expression that crashes the router. I suspect the error is because of division by zero. Since I work for the Enterprise, I do not have direct access to TAC. Please somebody report this to Cisco. I have tested it on ranges of routers (2611, 2821, 2851, 7206) and IOSes (12.0-12.4). All routers crashed with some type of BUS ERROR. Command can be issued in user mode, therefore I think it can be considered a vulnerability to potentially cause DoS.'" Of course, the command has to be entered in user mode, so while potentially a vulnerability, chances are your local IOS-based router won't be DoSed via the bug any time soon.


  1. A question by Poromenos1 · Score: 0, Offtopic

    Can someone explain to me the difference between a $50 OpenWRT router and a $2k Cisco one? I have both, and the OpenWRT router is by leaps and bounds more featureful than the Cisco one (I guess that doesn't really make sense, because for $20k the Cisco can have the same features). Obviously the difference is reliability/performance, but what are the exact limits? How many people do I have to have in my network before getting a Cisco? How will I know that?

    --
    Send email from the afterlife! Write your e-will at Dead Man's Switch.