Cisco Cisco IOS Software Release 12.2(25)SW
83
Release Notes for Cisco 7000 Series Routers for Cisco IOS Release 12.2 SW
Related Documentation
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
•
CSCea02355
Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol
version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of
crafted IPv4 packets sent directly to the device may cause the input interface to stop processing
traffic once the input queue is full. No authentication is required to process the inbound packet.
Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not
affected. A workaround is available.
version 4 (IPv4) packets are vulnerable to a Denial of Service (DoS) attack. A rare sequence of
crafted IPv4 packets sent directly to the device may cause the input interface to stop processing
traffic once the input queue is full. No authentication is required to process the inbound packet.
Processing of IPv4 packets is enabled by default. Devices running only IP version 6 (IPv6) are not
affected. A workaround is available.
Cisco has made software available, free of charge, to correct the problem.
This advisory is available at
•
CSCea28131
A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a
Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by
default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the
malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject
a malformed packet. BGP MD5 is a valid workaround for this problem.
Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by
default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the
malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject
a malformed packet. BGP MD5 is a valid workaround for this problem.
Cisco has made free software available to address this problem. For more details, please refer to this
advisory, available at
advisory, available at
.
Related Documentation
The following sections describe the documentation available for the Cisco 7000 family. These
documents consist of hardware and software installation guides, Cisco IOS configuration guides and
command references, system error messages, feature modules, and other documents.
documents consist of hardware and software installation guides, Cisco IOS configuration guides and
command references, system error messages, feature modules, and other documents.
Documentation is available as printed manuals or electronic documents, except for feature modules,
which are available online on Cisco.com and the Documentation CD-ROM.
which are available online on Cisco.com and the Documentation CD-ROM.
Use these release notes with these documents:
•
•
•
•