| By Security News Desk | Article Rating: |
|
| July 30, 2005 12:30 PM EDT | Reads: |
14,885 |
Michael Lynn, a former Internet Security Systems (ISS) researcher, had quit his job to present his findings at the security
conference. His presentation was later omitted from the conference CD.
Symantec's alert noted that the disclosure "represents a potentially significant threat against existing infrastructure currently deployed." It recommended that enterprises do an immediate audit of existing vulnerabilities in their Cisco hardware and apply the associated patches ASAP.
According to the advisory, IOS is vulnerable to a denial-of-service (DoS) attack, and possibly to a much more dangerous exploit that could actually introduce hacker code remotely, via a specially-crafted IPv6 packet.
"Lynn did not disclose a new vulnerability," said Cisco spokesman John Noh. "But this advisory relates to the vulnerability he discussed at Black Hat."
Cisco said in its advisory said that all its devices running on "any unfixed version of IOS code that supports,
and is configured for, IPv6" are vulnerable. An attack, however, relies
on a deliberately built IPv6 packet that must be sent from a local
network segment. "This vulnerability can not be exploited one or more
hops from the IOS device," Cisco said.
Published July 30, 2005 Reads 14,885
Copyright © 2005 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.
![]() |
ISSJ News Desk 07/30/05 11:49:21 AM EDT | |||
Cisco Outlines Security Problem, Symantec Warns Against It. Cisco has admitted and detailed a security vulnerability that was revealed at the Black Hat conference, and now Symantec has jumped into the fray, warning that the revelation at the conference increases the chance for the hole to be exploited. |
||||
- Microsoft’s Second UI Innovation
- What Motivates Open Standards in the Cloud?
- StorSimple Supports OpenStack
- What to Expect in 2012: Cloud Computing and Open Source Software
- Ten Hot Trends in Cloud Data for 2012
- End-User Participation to Provide Unique Forum for Peer Collaboration at 2012 Technology Convergence Conference
- HP Expands Its HANA Alliance with SAP
- Three Buzzwords That Every CIO Hears but One They Should Listen To
- Write Once Run Anywhere or Cross Platform Mobile Development Tools
- Microsoft’s New Cloudware Could Cast a Shadow over VMware
- Cloud Expo New York: Cloud Architectures Require Scale-out Storage
- AT&T Joins OpenStack, Floats Cloud Architect
- The Future of Cloud Computing: Industry Predictions for 2012
- HP Puts Activist Shareholder on Board
- Gartner Hype Cycle for Emerging Technologies 2011
- Microsoft’s Second UI Innovation
- Cloud Computing: A Comparison of Computing Models
- What Motivates Open Standards in the Cloud?
- Big Data Bug Bites GE
- StorSimple Supports OpenStack
- What to Expect in 2012: Cloud Computing and Open Source Software
- Apprenda Upgrades Its .NET Private PaaS
- Ten Hot Trends in Cloud Data for 2012
- Cloud Expo Takeaways: Cloud Confusion Still Exists
- The Top 150 Players in Cloud Computing
- Where Are RIA Technologies Headed in 2008?
- FullArmor GPAnywhere Secures Microsoft Application Virtualization Applications Through Group Policy
- SYS-CON's Virtualization Conference & Expo: Themes & Topics
- SYS-CON's Virtualization Journal Opens Its "Readers' Choice Awards" Nominations
- "Virtualization Is Now a Key Strategic Theme," Says Citrix CTO
- Application Virtualization: Instant Migration to Vista, Fast Delivery, Secure Access, Side-by-Side Deployments
- Application Virtualization
- Integration with Windows Vista, Microsoft Excel, and Microsoft Application Virtualization
- Will Microsoft Buy Citrix?
- mValent Extends Automated Application Configuration Management to Virtualization Environments
- Has the Technology Bounceback Begun?



















