Ticket Number: HEA-NOC/20040818-2 Ticket Status: SECURITY
Ticket Type: unscheduled Resolver:
Ticket Opened: 20040818 17:39 UTC+1 Problem Start: 20040818 16:00 UTC+1
Ticket Closed: 20040818 17:39 UTC+1 Problem End:
*****NB******* Summary only please see full advisory available at
A Cisco device running Internetwork Operating System (IOS) and enabled for
the Open Shortest Path First (OSPF) protocol is vulnerable to a Denial of
Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is
not enabled by default.
The vulnerability is only present in Cisco IOS release trains based on
12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines, and all
Cisco IOS images prior to 12.0 are not affected.
Cisco has made free software available to address this vulnerability.
There are workarounds available to mitigate the effects.
This advisory is available at
20040818 17:34 WD: NSP Security list alert.
This ticket can be monitored at http://www.hea.net/tickets/20040818-2