Technical Description

A vulnerability has been identified in Cisco Internetwork Operating System (IOS), which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. This flaw is due to an error in the internal timers that may execute arbitrary code from portions of memory that have been overwritten through attack vectors such as specific heap-based overflows, which could be exploited by remote attackers to compromise or crash a vulnerable router.

Note : This vulnerability is a result of continued research related to the demonstration of the exploit for another vulnerability which occurred in July 2005 at the Black Hat USA Conference. For additional information, see : VUPEN/ADV-2005-1264 (Cisco IOS IPv6 Heap Overflow).

Affected Products

Cisco IOS 12.0
Cisco IOS 12.1
Cisco IOS 12.2
Cisco IOS 12.3
Cisco IOS 12.4

Solution

Upgrade to patched IOS versions :
http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml#software

References

http://www.vupen.com/english/advisories/2005/2282
http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml

ChangeLog

2005-11-02 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.