A denial-of-service vulnerability exists in Cisco's Internetwork Operating System (IOS). This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device.
Open Shortest Path First (OSPF) is a routing protocol that provides a means for distributing routing information between routers. The Cisco Internetwork Operating System (IOS) implementation of OSPF contains a vulnerability that allows malformed OSPF packets to cause an affected router to reload. Such packets can be sent by an unauthenticated remote attacker and will result in a denial-of-service condition.
By sending a specially crafted OSPF packet to an affected device, a remote, unauthenticated attacker could cause the device to reload. Repeated exploitation of this vulnerability could result in a denial-of-service condition. In order to exploit this vulnerability, an attacker would need to know several parameters. These parameters include the OSPF area number, netmask, hello, and dead timers, which are configured on the affected device.
Apply a patch
This vulnerability was reported by the Cisco Systems Product Security Incident Response Team (PSIRT).
This document was written by Damon Morda.
|Date First Published:||2004-08-19|
|Date Last Updated:||2004-08-19 20:00 UTC|