Cisco fixes security flaw in Nexus switches

By Antone Gonsalves on Feb 20, 2012 8:29 AM
Filed under Security

To prevent DoS attacks.

Cisco has released a patch for an operating system flaw that could leave its Nexus switches open to denial-of-service attacks.

The network equipment maker released the fix Wednesday for NX-OS. The affected switch series are the Nexus 1000v, 5000 and 7000.

To exploit the vulnerability, a hacker could modify an IP packet to trigger a DoS attack, according to the US Computer Emergency Readiness Team. The agency issued an advisory recommending that Nexus users install the patch.

NX-OS is the network operating system within Nexus switches. The vulnerability is within the OS' IP stack and "any feature that makes use of the services offered by the IP stack to parse IP packets is affected," Cisco said.

"Successful exploitation of the vulnerability that is described in this advisory may result in a reload of an affected device," the company said. "Repeated exploitation could result in a sustained DoS condition."

Cisco released last September a set of security patches fixing 10 separate vulnerabilities in some of its major software and unified communications products. Among the fixes was one for a DoS vulnerability in the IOS IP Service Level Agreement feature. The flaw was triggered when specially crafted UDP packets were sent to a vulnerable device, Cisco said.

 

This article originally appeared at crn.com

 
Follow us on Facebook and Twitter
 

Copyright © 2014 The Channel Company, LLC. All rights reserved.

Cisco fixes security flaw in Nexus switches
Tags
 
 
 
 
 
Top Stories
Datacom takes heathy bite of Canberra software firm
Signals hospital push with SmartWard purchase.
 
Lack of 'coke and hookers in the cloud' is good for channel
[Blog post] If the vendor isn't showing love, partners can pick up the slack.
 
Small reseller called in to fix mess Telstra left behind
Acurus rescues client that used to be telco's promotional case study.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
My business strategy is to:

Latest Comments
CRN Magazine

Issue: 330 | August 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.