Cisco only last week reported a problem with the security of its Internetwork Operating System (IOS), and now it looks like there are new troubles as well. Problems involving the way the Cisco IOS handles Multi Protocol Label Switching (MPLS) packet processing, IPv6 and the Border Gateway Protocol (a widely used routing protocol on the internet) have been detected that have the potential to be exploited as Denial-of-Service (DoS) vulnerabilities.

In each case the vulnerability could potentially be exploited to cause the device that uses the Cisco IOS to reload, which could lead to a sustained DoS condition.

"Since devices running IOS may transit traffic for a number of other networks, the secondary impacts of a Denial of Service may be severe," the US-CERT advisory states.


The IPv6 problem is concerned with "crafted" IPv6 packets, and can be exploited even if the router is not running this protocol.

The BGP packet vulnerability, like the MPLS and IPv6 vulnerabilities, is rooted in a malformed packet issue. The malformed packets may not necessarily come from a malicious source, according to Cisco's advisory. Also, the bug may be triggered by other means that are not considered remotely exploitable.

Cisco has, of course, been quick to release fixes.