Cisco reports security flaws in routers, switches


Cisco Systems has warned of a new vulnerability that leaves its routers and switches open to denial-of-service (DoS) attacks.

The vulnerability appears in the SNMP service that is part of Cisco's Internetwork Operating System (IOS), the OS that runs on most of the vendor's gear. SNMP is a protocol used to monitor and manage network devices.

Cisco recommended upgrades to non-vulnerable IOS releases and suggested a number of workarounds, encouraging customers to contact their solution provider partners for help with the fixes. Upgrades for customers with maintenance contracts are available through the Cisco website.

Because of the vulnerability, the software incorrectly handles specific SNMP messages that it attempts to process. As a result, the impacted device can experience memory corruption and may reload, according to a security advisory issued by Cisco. Hackers could exploit the vulnerability remotely to make devices reload repeatedly, resulting in a DoS condition, the company said.

The vulnerability impacts at least seven IOS release trains, ranging from 12.0 to 12.3, Cisco said.

Cisco's security advisory followed an alert from US-CERT that warned of vulnerabilities in TCP that allowed remote attackers to terminate network sessions, which could lead to DoS conditions.

Cisco issued separate advisories regarding the TCP vulnerability, which it said affected all of its products, with recommended upgrades and workarounds.

Juniper Networks also said its products were susceptible to the vulnerability and has made software fixes available.

Other vendors, such as Hitachi and NEC, are investigating the potential impact on their products, according to US-CERT's website.
