Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-319: Cisco Intrusion Prevention System Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-319: Cisco Intrusion Prevention System Vulnerability
# 1  
Old 06-19-2008
S-319: Cisco Intrusion Prevention System Vulnerability
Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulenrability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operaiton. The risk is MEDIUM. Successful exploitation of the vulnerability may result in a network denial of service condition. A power cycle is required to recover operations. An attacker may be able to evade access controls and detection of malicious activity int he case of Cisco IPS 4260-4270 platforms that have hardware bypass configured to pass traffic in the event of a kernel panic.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Cybersecurity

Intrusion Detection - System Call Introspection

can u give me a code for host based intrusion detection using system call introspection... (5 Replies)
Discussion started by: aravind007
5 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

cdpr

CDPR(8) 						      System Manager's Manual							   CDPR(8)

NAME

       cdpr - Cisco Discovery Protocol Reporter

SYNOPSIS

       cdpr [-h] [-t seconds ] [-d device | -r pcap-file ] [-u server-config-file ] [-l location ] [-n hostname ] [-s server ] [-p script-path ]

DESCRIPTION

       cdpr  listens  on specified network interfaces for Cisco Discovery Protocol packets. It then decodes those packets and outputs the informa-
       tion, optionally sending the information to a server for processing.

OPTIONS

       -d device
	      Specify device to use (eth0, hme0, etc.)

       -r pcap-file
	      Specify file to read from instead of network device.

       -h     Print the usage.

       -t seconds
	      Time in seconds to abort waiting for a packet (should be > 60)

       -v[vv] Set verbose mode.

       -u server-config-file
	      Send cdpr information to a cdpr server. See /usr/share/doc/cdpr/README.cdprs

       -l location
	      Location/description of this port; for use with -u or -s and -p.

       -n hostname
	      Override the hostname reported to the server; for use with -u or -s and -p.

       -s server
	      Server to send information to, specify port with a: after server/IP.  Example: 192.168.1.20:88 (default: 80) requires -p (overridden
	      by -u)

       -p script-path
	      Path of server script to send data to; requires -s (overridden by -u)

AUTHOR

       Lance O'Connor <lance at ronnoco dot net>

       This manual page was written by Matt Zagrabelny <mzagrabe at d dot umn dot edu>, for the Debian system (but may be used by others).

User Manuals							    APRIL 2009								   CDPR(8)