_________________________________________________________ DePaul University Computer Security Response Team C S R T _________________________________________________________ Computer Security Vulnerability Alert _____________________________________________________________________ 04:00 -0500 2003-07-18 SUMMARY Cisco IOS Interface Blocked by IPv4 Packet SEVERITY Critical PLATFORM Cisco Internetwork Operating System version 11.1 Cisco Internetwork Operating System version 11.2 Cisco Internetwork Operating System version 11.3 Cisco Internetwork Operating System version 12.0 Cisco Internetwork Operating System version 12.1 Cisco Internetwork Operating System version 12.2 Cisco Internetwork Operating System version 12.3 See vendor advisory for specific notes for affected builds. IMPACT Denial of network services and connectivity. SCOPE All University data networks. DETAILS Cisco routers and switches running the Cisco IOS oper- ating systems may be sent a carefully crafted, unauth- enticated, packet incurring a denial of services on the target interface. DAMAGE A partial or complete loss of network services may result if immediate vendor recommended technical work-arounds are not implemented. CSRT recommends immediate upgrades of vulnerable switches and routers to be performed within 24 to 48 hours maximum. EXPLOIT A public exploit is currently being reviewed and tested by network operators and Internet security researchers. CSRT is monitoring normal exploit distribution channels to maintain an awareness of new exploits being developed. ALERTID CSRT2003071801 REVISION Id: csrt-va2003071801.txt,v 1.1 2003/07/18 09:03:22 epancer Exp ______________________________________________________________________ MORE INFO o Cisco PSIRT Advisory o CERT/CC Advisory CA-2003-15 o Initial exploit code ______________________________________________________________________ _____________________________END OF ALERT_____________________________