Cisco Catalyst 6500 switches and 7600 series routers are at risk
Cisco warns of Firewall Services Module flaw
/v3-uk/news/1961525/cisco-warns-firewall-services-module-flaw
21 Aug 2009, Shaun Nichols , V3
Cisco has released a security update to address a vulnerability in several of its router and network switch offerings.
The company said that the flaw could allow an attacker to cause a denial-of-service crash on vulnerable hardware. Among the components at risk are the Catalyst 6500 switches and 7600 series routers.
The source of the vulnerability is believed to be Cisco's Firewall Services Module software. By sending specially crafted bits of Internet Control Message Protocol code, an attacker could force the module to stop passing data and cause the device to crash.
There have been no reports of the vulnerability being actively exploited, but Cisco is advising users to download and implement the update directly from Cisco or through third-party support organisations.
The fix adds yet another name to the list of companies which have issued security updates this month. Adobe pushed out an update for its ColdFusion and JRun products earlier this week, and Microsoft released a monthly security update last week which addressed 19 security flaws.
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
Inaccurate - get your facts straight please
The advisory is specific to the FIREWALL SERVICES MODULE, which is just ONE of many components running on the modular 6500-series switch or 7600-series router. The impact of this is to potentially disable the firewall module, but not the entire switch/router!
Posted by Wael, 26 Aug 2009