July 18, 2003 — (WEB HOST INDUSTRY REVIEW) — Cisco Systems (cisco.com) revealed on Thursday that Cisco routers and switches running Cisco IOS software and configured to process Internet Protocol version 4 (IPv4) packets are vulnerable to Denial of Service (DoS) attacks.
Cisco IOS versions 11.x and 12.x prior to 12.3 are affected by the vulnerability. Cisco devices that do not run Cisco IOS software are not affected.
Devices running only IP version 6 (IPv6) are also not affected.
Cisco has issued an advisory and made software available, free of charge, to correct the problem.
According to reports, the situation has worsened due to the release of the exploit code on a full disclosure mailing list. The concern now is over how much damage can be done before system administrators can update their router software and counteract the vulnerability.
In an update posted today in its advisory, Cisco confirmed that this situation has been brought to its attention.
