Cisco delivers five IOS patches on new schedule

By Jim Carr on Mar 28, 2008 9:42 AM
Filed under Applications

Cisco has corrected five vulnerabilities in its Internetwork Operating System (IOS), used to manage its routers, with patches covering vulnerabilities that could be exploited to manipulate data, expose sensitive information and launch denial-of-service (DoS) attacks, according to Secunia.

The vulnerability tracking firm rated the bugs "moderately critical."

Among the notable fixes, Cisco said that its IOS contains multiple vulnerabilities in the Data-Link Switching (DLSw) feature that could cause the system to reboot or cause memory leaks when processing specially crafted UDP or IP 91 protocol packets.

The company also patched its IOS after learning that Internet Protocol version 6 (IPv6) devices may be subject to a DoS attack.

Cisco reported a vulnerability in its implementation of Multicast Virtual Private Network (MVPN) is also exploitable.

Beginning with this latest round of patches, the company will release bundles of IOS security advisories on the fourth Wednesday in March and September. Cisco follows in the footsteps of Microsoft and Oracle, which deliver their patches on a schedule.

See original article on scmagazineus.com

Cisco delivers five IOS patches on new schedule

cisco cisco, patch cisco ios, ios, schedule cisco, updates

Ads by Google

What are your thoughts on this article? Add your comment below.

To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.

NOTE: You must be a registered member of SC Magazine to post a comment.

Click here to login | Click here to register

comments powered by Disqus