Cisco's Switches, Routers vulnerable to DoS attacks

CIOL Bureau

NEW DELHI: Cisco has warned in an advisory that some of its switches and routers running IOS Version 12.2S that do not have Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled are vulnerable to Denial of Service (DoS) attacks, according to an online report.


The vulnerability is due to a flaw in the way router and switch software handles DHCP packets. Irregular DHCP packets designed to attack the device can clog the input queue, blocking traffic and rendering the devices dysfunctional, said the Cisco advisory.

Cisco devices that do not run IOS software or that have DHCP enabled are not affected by this vulnerability.



The following devices, if running a branch of IOS version 12.2S, are affected:


  • 2650, 2651, 2650XM and 2651XM Multiservice platforms

  • ONS15530 and ONS15540 optical platforms

  • Catalyst 4000 switches with Sup2plus, Sup3, Sup4 and Sup5 modules

  • Catalyst 4500 switches with Sup2Plus TS modules

  • Catalyst 4948, 2970, 3560, and 3750 switches

  • Catalyst 6000, Sup2/MSFC2 and Sup720/MSFC3 modules

  • 7600 routers with Sup2/MSFC2 and Sup720/MSFC3 modules

For a software patch to fix this problem and for further information, visit Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service.
