According to a Cisco advisory, "Cisco Intrusion Prevention System (IPS) software Version 5.1 is vulnerable to a denial of service condition caused by a malformed packet, which may result in an IPS device becoming inaccessible remotely or via the console and fail to process packets. A power reset is required to recover the IPS device. There are no workarounds for this vulnerability." A free update is available.
Cisco routers running IOS and shipped with the Cisco Router Web Setup (CRWS) application could be accessed without any user credentials. A new update to CRWS is available to close the hole.