Currently viewing the tag: "DoS"

Cisco: CUCM DoS Vulnerabilities

By On March 6, 2010 · Leave a Comment

Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities.

To address these vulnerabilities, Cisco has released free software updates for select Cisco Unified Communications Manager versions. There is a workaround for of one the vulnerabilities.

The following products are affected by vulnerabilities that are described in this advisory:

[...]

Continue Reading

Cisco FWSM SCCP Inspection DoS Vulnerability

By On March 1, 2010 · 1 Comment

A vulnerability exists in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol (SCCP) message. The vulnerability exists when SCCP inspection is enabled.

Cisco has released free software updates that address this vulnerability.

All non-fixed 4.x versions of Cisco FWSM Software are affected by this vulnerability if SCCP inspection is enabled. SCCP inspection is enabled by default.

To check if [...]

Continue Reading

New DOS attacks threaten wireless data networks

By On June 8, 2009 · 3 Comments

Forget spam, viruses, worms, malware and phishing. These threats are apparently old school when compared to a new class of denial-of-service (DOS) attacks that threaten wireless data networks.

The latest wireless network threats were outlined in a talk here Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York.

Sabnani said the latest wireless data network threats are the result of inherent weaknesses in Mobile IP, a protocol that uses tunneling [...]

Continue Reading

Cisco: DoS protection using TCP Intercept

By On May 19, 2009 · 2 Comments

Every now and then, all network engineers have to deal with some kind of network attack.  Usually, the attack does not target the network devices, but the machines that provide services (e.g. www, database hosting…), because it’s more easy to find on the Internet a script that is probing port 80 for example, which by the way any kiddie can use, than to corrupt BGP in order to act as man-in-the-middle. Anyway, in front on the machine being attacked, there is a network device and [...]

Continue Reading

Network-based protection against denial-of-service-attacks

By On February 16, 2009 · Leave a Comment

A recent announcement by Verizon Business concerning an expanded suite of protection “in the cloud” from denial-of-service-attacks is a great example of services that should be provided within the service providers’ networks – something that we’ve been advocating for years.

Of course, there’s nothing new about denial-of-service-attacks. These attacks, which started primarily as “TCP SYN” attacks, basically are designed to disable a site – or even an entire network – by using up critical network resources with bogus traffic of some [...]

Continue Reading