---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Cisco IOS Denial of Service Vulnerability SECUNIA ADVISORY ID: SA29559 VERIFY ADVISORY: http://secunia.com/advisories/29559/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Cisco 7600 Series 12.x http://secunia.com/product/15865/ Cisco IOS 12.x http://secunia.com/product/182/ Cisco IOS R12.x http://secunia.com/product/50/ Cisco Catalyst 6500 Series 12.x http://secunia.com/product/15864/ DESCRIPTION: A vulnerability has been reported in certain Cisco devices, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the handling of certain packets and can be exploited to cause a blocked interface input queue, a memory leak, or a restart of the device. Successful exploitation requires that the device is configured for Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN) and Open Shortest Path First (OSPF) sham-link. The vulnerability is reported in the following products: * Cisco Catalyst 6500 Series devices with the Sup32, Sup720, Sup720-3B, or Sup720-3BXL * Cisco 7600 Series devices with the Sup32, Sup720, Sup720-3B, or Sup720-3BXL * Cisco 7600 Series devices with the RSP720, RSP720-3C, or RSP720-3CXL * Cisco ME 6524 Ethernet Switch SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported to the vendor by a customer. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------