S-319: Cisco Intrusion Prevention System Vulnerability

06-19-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

S-319: Cisco Intrusion Prevention System Vulnerability

Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulenrability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operaiton. The risk is MEDIUM. Successful exploitation of the vulnerability may result in a network denial of service condition. A power cycle is required to recover operations. An attacker may be able to evade access controls and detection of malicious activity int he case of Cisco IPS 4260-4270 platforms that have hardware bypass configured to pass traffic in the event of a kernel panic.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

rancid(1) General Commands Manual rancid(1) NAME
rancid - Cisco configuration filter SYNOPSIS
rancid [-dlV] (-f filename | hostname) DESCRIPTION
rancid is a perl(1) script which uses the login scripts (see clogin(1)) to login to a device, execute commands to display the configuration, etc, then filters the output for formatting, security, and so on. rancid's product is a file with the name of it's last argument plus the suffix .new. For example, hostname.new. There are complementary scripts for other platforms and/or manufacturers that are supported by rancid(1). Briefly, these are: agmrancid Cisco Anomaly Guard Module (AGM) arancid Alteon WebOS switches arrancid Arista Networks devices brancid Bay Networks (nortel) cat5rancid Cisco catalyst switches cssrancid Cisco content services switches erancid ADC-kentrox EZ-T3 mux f10rancid Force10 f5rancid F5 BigIPs fnrancid Fortinet Firewalls francid Foundry and HP procurve OEMs of Foundry hrancid HP Procurve Switches htranicd Hitachi Routers jerancid Juniper Networks E-series jrancid Juniper Networks mrancid MRTd mrvrancid MRV optical switches mtrancid Mikrotik routesrs nrancid Netscreen firewalls nsrancid Netscaler nxrancid Cisco Nexus boxes prancid Procket Networks rivrancid Riverstone rrancid Redback srancid SMC switch (some Dell OEMs) trancid Netopia sDSL/T1 routers tntrancid Lucent TNT xrancid Extreme switches xrrancid Cisco IOS-XR boxes zrancid Zebra routing software The command-line options are as follows: -V Prints package name and version strings. -d Display debugging information. -l Display somewhat less debugging information. -f rancid should interpret the next argument as a filename which contains the output it would normally collect from the device ( hostname) with clogin(1). SEE ALSO
control_rancid(1), clogin(1), rancid.conf(5) CAVEATS
Cisco IOS offers a DHCP server that maintains a text database which can be stored remotely or on local storage. If stored locally, the file changes constantly and causes constant diffs from rancid. If this file's name ('ip dhcp database') matches the regex dhcp_[^[:space:].].txt, it will be filtered. For Catalyst switches running CatOS, type cat5, the prompt must end with '>'. clogin(1) looks for '>' to determine when a login is successful. For example: cat5k> cat5k> enable Password: cat5k> (enable) rancid works on Cisco Catalyst 1900 series switches that are running Enterprise Edition software. This software provides a menu at connection time that allows a command line interface to be used by entering 'K' at the prompt. 26 April 2011 rancid(1)

Security Advisories (RSS)

S-319: Cisco Intrusion Prevention System Vulnerability

1 More Discussions You Might Find Interesting

1. Cybersecurity

Intrusion Detection - System Call Introspection

Discussion started by: aravind007

LEARN ABOUT DEBIAN

rancid