Status Tracking Note TRTA07-024A

Cisco IOS is Affected by Multiple Vulnerabilities

Overview

Several vulnerabilities have been discovered in Cisco's Internet Operating System (IOS). A remote attacker may be able to execute arbitrary code on an affected device, cause an affected device to reload the operating system, or cause other types of denial of service.
Event Information
Date (UTC)Description
2007-01-25 01:24 JPCERT/CC
JPCERT-AT-2007-0002: Multiple vulnerabilities in Cisco IOS
2007-01-25 00:14 US-CERT
TA07-024A: Cisco IOS is Affected by Multiple Vulnerabilities
Via US-CERT Mailing List
Several vulnerabilities have been discovered in Cisco's Internet Operating System (IOS).
2007-01-24 20:30 US-CERT
Cisco Releases Security Advisories for Multiple Vulnerabilities in IOS
US-CERT encourages users to apply the fixes and workarounds described in the Cisco Security Advisories and Vulnerability Notes.
2007-01-24 16:00 Cisco Systems
cisco-sa-20070124-crafted-ip-option: Crafted IP Option Vulnerability
Cisco IOS software contains a vulnerablity that may allow an attacker to execute arbitrary code or create a denial of service condition.
2007-01-24 16:00 Cisco Systems
cisco-sa-20070124-IOS-IPv6: IPv6 Routing Header Vulnerability
Cisco IOS fails to properly process IPv6 packets with specially crafted routing headers. Successful exploitation of this vulnerability may allow an attacker to execute code, or create a denial of service condition.
2007-01-24 16:00 Cisco Systems
cisco-sa-20070124-crafted-tcp: Crafted TCP Packet Can Cause Denial of Service
The Cisco IOS Transmission Control Protocol listener contains a memory leak.
Date first published (UTC): 2007-01-25T22:35+00:00
Date last updated (UTC): 2007-01-25T22:35+00:00