Cisco Reports OSPF Vulnerability
Routers running OSPF and some versions of Cisco's IOS may be susceptible to DOS attacks, the company says
August 21, 2004
An update to Cisco Systems Inc.'s (Nasdaq: CSCO) Internetwork Operating System (IOS) has created an opening for denial-of-service attacks, the company reported yesterday.
Some routers running the Open Shortest Path First (OSPF) protocol can be forced to reload by a certain type of "malformed" packet, according to the advisory posted on Cisco's Website. The vulnerability comes from a code change in IOS release trains 12.0S, 12.2, and 12.3.
The denial-of-service part comes in if someone bombards a vulnerable router with the bad packet, creating a perpetual state of reload.
The alert appears unrelated to the security flaw Cisco discovered in its ONS 15454 and 15327 platforms last month (see Cisco Finds ADM Security Flaw). But like the 15454 vulnerability, the OSPF flaw isn't likely to whip up a Hurricane Charley on the Internet. OSPF tends to be used for connecting routers within a network; routers pointing out to the Internet are more likely to run the Border Gateway Protocol (BGP).
Even so, security experts are saying that an internal threat is worth patching up, too. "OSPF tends to be more common in internal networks, but that doesn't mean the internal network is any less important in security," says Todd Hoopfer, director of solutions center (don't make that face; that's what they call him) at Check Point Software Technologies Ltd. (Nasdaq: CHKP).Naturally, Checkpoint has an answer for the OSPF vulnerability. In July, the company updated its products' handling of dynamic protocols, so that its firewalls and VPNs can weed out malformed packets.
The Cisco advisory notes that using OSPF authentication -- something that's recommended anyway -- can "mitigate the effects of this vulnerability."
Craig Matsumoto, Senior Editor, Light Reading
You May Also Like