Cisco 10000, uBR10012 and uBR7200 series devices could be open to a DoS attack because they use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable, Cisco warns. Software patches and workarounds are available to address this problem.
IOS MPLS VPN may leak information, warns Cisco. Devices running Cisco IOS versions 12.0S, 12.2, 12.3 or 12.4 and configured for MPLS VPNs or VPN Routing and Forwarding Lite (VRF Lite) and using Border Gateway Protocol (BGP) between customer edge and provider edge devices may permit information to propagate between VPNs, Cisco reports in its advisory. This issue is triggered by a logic error when processing extended communities on the provider edge device, though the problem cannot be deterministically exploited by an attacker, Cisco says. Patches and workarounds are available.
A vulnerability in IOS' intrusion prevention system feature could cause a router to crash or hang, resulting in denial-of-service, according to Cisco in its alert. The vulnerability is based on the processing of certain IPS signatures that use the SERVICE.DNS engine. Software updates and workarounds are available. Cisco adds that this problem is not related to the DNS cache poisoning problem that was reported earlier this month.
IOS software configured for IOS firewall Application Inspection Control (AIC) with an HTTP configured application-specific policy is vulnerable to a denial-of-service when processing a specific malformed HTTP transit packet, according to Cisco in its alert. The result could be a reload of the affected device, it adds. This vulnerability affects IOS software release 12.4(9)T. Software patches and workarounds are available.
A series of segmented Skinny Call Control Protocol (SCCP) messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload, reports Cisco. Patches and workarounds are available.
Two DoS vulnerabilities exist in the SIP implementation of the Cisco Unified Communications Manager. These vulnerabilities can be triggered while processing specific and valid SIP messages and can lead to a reload of the main Cisco Unified Communications Manager process, reports Cisco in its advisory. Versions 4.x of Cisco Unified CallManager do not have SIP enabled by default unless a SIP trunk is configured, according to Cisco. Versions 5.x and later of the Cisco Unified Communications Manager have SIP enabled by default, and it cannot be disabled, Cisco adds. The company has yet to release fixes for this problem, and there are no workarounds either. Cisco says it will update its advisory once fixes are available.
Cisco announced in March that it would be adopting a twice-a-year patch cycle for IOS, scheduled for the fourth Wednesday of March and September. In its March cycle, Cisco released five alerts that affected Cisco IOS Multicast VPN (MVPN); IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Router Switch Processor 720; IOS user datagram protocol delivery; and IOS' Data-link Switching feature.