Cisco's IOS 12.0 crashes its own rollout party
"CSCO keeps releasing BUGGY SOFTWARE prematurely, but everyone loves them. Imagine if ASND did the same thing, everyone will jump on them."
By Jim Duffy, Network World Fusion, 01/07/98
No sooner did Cisco announce the release of the newest version of its routing software than the bugs started showing up.
Cisco's IOS 12.0, which was announced on Dec. 21, can crash routers when packets are sent to the devices' syslog port, according to a posting from a Cisco official dated Dec. 27, 1998, on the BUGTRAQ mailing list. The syslog port generates router event messages used for managing the devices.
The bug also affects IOS Version 11.3AA and 11.3DB, the posting states. Cisco recently began issuing fixes for the bug, according to one user. But a Cisco spokesman says all of the fixes have not yet been released.
Though the posting states that Cisco customers have not yet reported any attacks, it says the bug is easy to exploit. The posting was written by John Bashinski, a member of Cisco's product security response and escalation team.
"Administrators should be on the lookout for potential exploitation of this bug," Bashinski states in the posting.
The crashing problem appears to be caused by packets sent to the router's syslog port, UDP port 514, the posting states. The bug may cause different routers to "crash differently," with some rebooting and claiming they were restarted by power-on, the posting states.
ADC Telecommunications in Minneapolis says the bug could have affected four of its internal routers. But Cisco recently began issuing fixes for it and ADC routers are running that software, says Roy Hegge, senior network engineer at the company.
Users can also apply an access list to block incoming syslog traffic as a workaround, Bashinski suggests in his posting. The access list needs to block syslog traffic destined for any of the router's own IP addresses or for any broadcast or multicast address on which the router may be listening. It should be applied to all interfaces running IP, the posting states.
This workaround, however, may have a significant performance impact on some users' routers, Bashinski warns.
"The impact isn't usually extreme, but it may make a difference on a router that's already heavily loaded," Bashinski states. "Install it with care if you install it."
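The workaround described in the posting can be generated from a router's interface list. The sketch below is an added example, not code from Cisco's posting or from this article. It assumes IPv4 only, constructed documentation-range addresses, hypothetical interface names, extended access list number 101, and treats "broadcast or multicast" as each subnet's directed broadcast, 255.255.255.255 and the whole 224.0.0.0/4 range.

```python
import ipaddress

SYSLOG_PORT = 514                                  # UDP port named in the posting
MULTICAST = ipaddress.ip_network("224.0.0.0/4")    # all IPv4 multicast (assumed scope)
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def syslog_block_acl(interfaces, acl_number=101):
    """Build IOS config lines that drop UDP/514 addressed to the router itself.

    interfaces: dict of interface name -> "address/prefixlen" (constructed input).
    Transit syslog traffic to other hosts is still forwarded.
    """
    targets = []
    for cidr in interfaces.values():
        iface = ipaddress.ip_interface(cidr)
        targets.append(iface.ip)                   # the router's own address
        if iface.network.prefixlen < 31:           # /31 and /32 have no broadcast
            targets.append(iface.network.broadcast_address)
    targets.append(LIMITED_BROADCAST)

    lines = []
    for addr in dict.fromkeys(targets):            # de-duplicate, keep order
        lines.append(
            f"access-list {acl_number} deny udp any host {addr} eq {SYSLOG_PORT}")
    lines.append(
        f"access-list {acl_number} deny udp any "
        f"{MULTICAST.network_address} {MULTICAST.hostmask} eq {SYSLOG_PORT}")
    lines.append(f"access-list {acl_number} permit ip any any")  # all else passes
    for name in interfaces:                        # apply inbound on every IP interface
        lines.append(f"interface {name}")
        lines.append(f" ip access-group {acl_number} in")
    return lines


if __name__ == "__main__":
    # Constructed sample: documentation-range addresses, hypothetical interfaces.
    sample = {"Ethernet0": "192.0.2.1/24", "Serial0": "198.51.100.5/30"}
    print("\n".join(syslog_block_acl(sample)))
```

An interface holds only one inbound IP access list, so on a router that already filters inbound traffic the deny lines belong at the top of the existing list rather than in a new one.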
IOS 12.0 features quality-of-service, scalability and, ironically, security enhancements, as well as voice support, according to Cisco. The security features include integrated firewall, authentication and IP Security tunneling.
IOS 12.0 is available now on Cisco's routers and switches.