Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Cisco :: cisco08.htm

Cisco routers using classic IOS software can be crashed



Vulnerability

    CISCO

Affected

    CISCO routers

Description

    Following info is based on CISCO Field Notice.  An error in  Cisco
    IOS  software  makes  it  possible  for untrusted, unauthenticated
    users who can gain access to the login prompt of a router or other
    Cisco IOS  device, via  any means,  to cause  that device to crash
    and reload.   This applies only  to devices running  classic Cisco
    IOS software.  This includes most Cisco routers with model numbers
    greater  than  or  equal  to  1000,  but  does not include the 7xx
    series, the Catalyst LAN  switches, WAN switching products  in the
    IGX or BPX lines,  the AXIS shelf, early  models of the LS1010  or
    LS2020 ATM switches, or any host-based software.  So, affected are
    all users of  classic Cisco IOS  software versions 9.1  and later,
    but earlier than the repaired versions listed below whose  devices
    can be connected to interactively by untrusted users, are affected
    by this vulnerability.  It is not necessary to be able to actually
    log  in  to  exploit  this  vulnerability;  simply  establishing a
    terminal connection is sufficient.

    The  vulnerability  can  be  exploited  using  direct  console  or
    asynchronous  serial  connections  (including dialup connections),
    TELNET connections, UNIX "r" command connections, LAT connections,
    MOP connections, X.29 connections, V.120 connections, and possibly
    others.     Except   in   extraordinary   security   environments,
    administrators  are  strongly  encouraged  to  assume that hostile
    users can find ways to make interactive connections to their Cisco
    IOS  devices.   If  attackers  know  the  details of the Cisco IOS
    software error they will be able to cause the router to crash  and
    reload  without  having  to  log  in  to the router.  Because this
    problem  involves  damage  to  an  internal  data  struture, it is
    possible that  other, more  subtle or  targeted effects  on system
    operation  could  also  be  induced  by proper exploitation.  Such
    exploitation, if it is possible at all, would require  significant
    engineering  skill  and  a  thorough  knowledge  of  the  internal
    operation  of  Cisco  IOS  software,  including Cisco trade secret
    information.

Solution

    If you are  not running classic  Cisco IOS software,  then you are
    not affected  by this  vulnerability.   If you  are unsure whether
    your device is  running classic Cisco  IOS software, log  into the
    device  and  issue  the  command  show  version. Classic Cisco IOS
    software will  identify itself  simply as  "IOS" or  "Internetwork
    Operating  System  Software",  and  affected  software will have a
    version number greater than or equal to 9.1.  Other Cisco  devices
    either  will  not  have  the  show  version  command, or will give
    different  output.   This  vulnerability  affects  all releases of
    Classic Cisco IOS software from 9.1 up to, but not including,  the
    following  corrected   releases  (including   interim  and    beta
    software):

        11.3(1),  11.3(1)ED, 11.3(1)T
        11.2(10), 11.2(9)P, 11.2(9)XA, 11.2(10)BC
        11.1(15)CA, 11.1(16), 11.1(16)IA, 11.1(16)AA, 11.1(17)CC, 11.1(17)CT
        11.0(20.3)

    Releases  of  Cisco  IOS  software  up  to and including 10.3 have
    reached end of support, and  no fixes are currently or  planned to
    be  available  for  those  releases.  All  releases  after 9.1 do,
    however, contain  the problem.   All planned  fixes to  Cisco  IOS
    software  have  been  completed  and  tested.   Integration   into
    regular  released  software  is  complete  for all versions except
    11.0.  If you are running  a version of software earlier than  the
    ones listed above,  please contact the  Cisco TAC for  assistance.
    The fix for  this problem is  available for the  11.0 release only
    in the 11.0(20.3)  version.  This  is an interim  release, and has
    not been subjected to the same degree of testing as a regular  IOS
    release.  The first regular  11.0 release containing the fix  will
    be 11.0(21).   Cisco is  offering free  software upgrades  to  all
    vulnerable  customers,  regardless  of  contract status. Customers
    with  service  contracts  may  upgrade  to  any Cisco IOS software
    version.  Customers  without contracts may  upgrade to the  latest
    versions of the images that  they are already running.   Customers
    without  contracts  who  are  running  10.3 or older software will
    receive  free  upgrades  to  fixed  11.0  versions,  but should be
    careful  to  make  sure  that  their  hardware can support the new
    software before upgrading.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH