Cisco Patches DoS Flaws

Cisco has announced patches and workarounds for flaws affecting its IOS and VoIP software.

By Michael Hall | Jan 19, 2006

Cisco has patched or issued workarounds for vulnerabilities affecting an obscure corner of its core operating system and some of its VoIP products.

The company today announced that a potential vulnerability affects "any device that runs Cisco IOS and has enabled the SGBP protocol." According to the advisory, the SGBP implementation found in IOS "is susceptible to a denial of service attack when presented with a crafted UDP packet. Sending such a packet to port 9900 of an affected device will cause it to freeze and stop responding to or passing traffic."

The advisory goes on to note that after a delay, "the system watchdog timer will detect this condition and force a reset of the device. The system recovery behavior will be controlled by the device configuration register; for example, the router may reload or drop to the ROM monitor."

The advisory includes download information for a patch.
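To find devices that fall under the advisory's "has enabled the SGBP protocol" condition, saved running-configs can be audited offline. The following is an added example, not code from Cisco or from this article: it assumes the IOS commands `sgbp group` and `sgbp member` mark SGBP as configured, and, as this example's own heuristic, treats an inbound ACL that denies UDP 9900 as a filter on the port. The sample configs are constructed.

```python
import re

SGBP_PORT = 9900  # UDP port named in the advisory quoted above

# Constructed sample configs (not taken from any real device).
SAMPLE_EXPOSED = """\
hostname stack-a
sgbp group dialstack
sgbp member stack-b 192.0.2.11
interface Serial0/0
 ip address 192.0.2.10 255.255.255.0
"""
SAMPLE_FILTERED = """\
hostname stack-b
sgbp group dialstack
sgbp member stack-a 192.0.2.10
access-list 120 permit udp host 192.0.2.10 any eq 9900
access-list 120 deny udp any any eq 9900
access-list 120 permit ip any any
interface Serial0/0
 ip access-group 120 in
"""
SAMPLE_NO_SGBP = "hostname edge-1\ninterface Serial0/0\n"


def audit_sgbp(config: str) -> dict:
    """Report whether SGBP is configured and whether UDP 9900 is filtered."""
    lines = [ln.strip() for ln in config.splitlines()]
    group = next((m.group(1) for ln in lines
                  if (m := re.match(r"sgbp group (\S+)$", ln))), None)
    members = [m.group(1) for ln in lines
               if (m := re.match(r"sgbp member \S+ (\d+\.\d+\.\d+\.\d+)$", ln))]
    # Numbered ACLs that end SGBP-port traffic with a catch-all deny
    deny_acls = {m.group(1) for ln in lines if (m := re.match(
        rf"access-list (\d+) deny\s+udp any any eq {SGBP_PORT}$", ln))}
    # ACLs actually applied inbound on at least one interface
    applied = {m.group(1) for ln in lines
               if (m := re.match(r"ip access-group (\d+) in$", ln))}
    filtered = bool(deny_acls & applied)
    return {
        "sgbp_enabled": group is not None,
        "group": group,
        "members": members,
        "port_filtered": filtered,
        # Heuristic only: the ACL may not cover every interface.
        "needs_attention": group is not None and not filtered,
    }
```

A device flagged `needs_attention` still has to be checked against the advisory's list of affected IOS versions, which this article does not reproduce.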

The company also reported a flaw in Cisco CallManager (CCM) that could allow a denial of service attack. The vulnerability affects versions of CCM including 3.2, 3.3, 4.0 and 4.1.

"Vulnerable versions of Cisco Call Manager do not manage TCP connections and Windows messages aggressively, leaving some well-known, published ports vulnerable to Denial of Service attacks," the report reads.

"While there are no workarounds available on the Cisco CallManager to eliminate DoS attacks, securing the voice network with Cisco CallManager security best practices may lessen the risk or mitigate the effects of these vulnerabilities," said Cisco.

The advisory also provides links to appropriate updates of affected IOS versions.
