Peaches
Posted August 22, 2009

22 August 2009, 03:04

Deadly pings for Cisco routers and switches

A bug in the Firewall Services Module (FWSM) software allows Cisco routers and switches to be disabled by a series of crafted ICMP packets. Catalyst 6500 series switches and Cisco 7600 series routers equipped with a Firewall Services Module are affected. All FWSM software versions 2.x, 3.x and 4.x without the specific fix for this bug are vulnerable.

In a security advisory, Cisco states that processing ICMP packets can lead a processor to use all available execution threads, with the result that the system will not forward any further packets. The FWSM itself is then no longer available remotely and, if configured for failover operation, the failover may also fail.

The command show np 2 stats can be used to determine whether the problem has previously occurred. If it has, the error message "ERROR: np_logger_query request for FP Stats failed" is returned. The vendor does not suggest a workaround, but has made updated versions of the FWSM software available in which the problem does not occur.

See also:
Firewall Services Module Crafted ICMP Message Vulnerability, Cisco security advisory.
One false ping and Solaris is in a panic, a report from The H.

Heise security - http://www.h-online.com/security/Deadly-pi...s--/news/114058