Cisco Systems CSCO] said a vulnerability in the multicast DNS gateway function of any device running certain versions of IOS/IOS XE could allow an unauthenticated, remote attacker to reload the vulnerable device due to improper validation of mDNS packets. The solution is to update to a current version of the operating systems.

The TCP vulnerability is due to improper handling of certain crafted packet sequences used in establishing a TCP three-way handshake. It could be exploited by sending a crafted sequence of TCP packets while establishing a three-way handshake. A successful exploit could allow the attacker to cause a memory leak and eventual reload of the affected device.

Finally, IOS XE for the ASR 1000 Series Aggregation Services Routers (ASR), 4400 Series Integrated Services Routers (ISR), and Cloud Services Routers (CSR) 1000v Series contains several issues that can lead to a denial of service.

Network administrators can use the Cisco IOS Software Checker to quickly determine whether their IOS software releases have vulnerabilities. Note the checker doesn’t work for IOS XE.

The next Cisco IOS Software Security Advisory Bundled Publication is scheduled for Sept 23.

Related Download
Sponsor: Unitrends
5 Ways Disaster Recovery is Like Jack Bauer
5 Ways Disaster Recovery is Like Jack Bauer, a fun and informative whitepaper from Unitrends, looks at how to start thinking of disaster recovery in terms of the butt-kicking hero of 24.
Register Now