---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Cisco Various Products TCP Timestamp Denial of Service SECUNIA ADVISORY ID: SA15393 VERIFY ADVISORY: http://secunia.com/advisories/15393/ CRITICAL: Less critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Cisco SN5400 Series Storage Routers http://secunia.com/product/2188/ Cisco MGX 8900 Series Multiservice Switches http://secunia.com/product/5117/ Cisco MGX 8800 Series Multiservice Switches http://secunia.com/product/5116/ Cisco MGX 8200 Series Edge Concentrators http://secunia.com/product/5115/ Cisco Content Services Switch 11000 Series (WebNS) http://secunia.com/product/1507/ Cisco Aironet 350 Series Access Point http://secunia.com/product/5114/ Cisco Aironet 1200 Series Access Point http://secunia.com/product/1929/ DESCRIPTION: A vulnerability has been reported in some Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service) on active TCP sessions. The vulnerability is caused due to an error in the implementation of the TCP Timestamp option and can be exploited via specially crafted packets to cause a targeted TCP session to stall until it's reset. Successful exploitation requires knowledge of IP address information of the source and destination of the TCP network connection. The vulnerability affects the following products: * SN5400 series storage routers * CSS11000 series content services switches * AP350 and AP1200 series Access Points running VxWorks * MGX8200, MGX8800, and MGX8900 series WAN switches (only management interfaces) SOLUTION: SN5400 series storage routers: The vulnerability has been addressed by CSCin85370. CSS11000 series content services switches: The vulnerability has been addressed by CSCeh40395. AP350 and AP1200 series Access Points: The vendor recommends upgrading APs running VxWorks to Cisco IOS. MGX series WAN switches: The vulnerability has been documented by CSCeh85125 and CSCeh85130. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Noritoshi Demizu. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml OTHER REFERENCES: US-CERT VU#637934: http://www.kb.cert.org/vuls/id/637934 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------