Cisco Systems IOS GRE Decapsulation Fault

i would like to draw your urgent attention to a couple of securiteam articles:
the advisory, released by fx:
http://www.securiteam.com/securitynews/5sp0520jpq.html

“cisco systems ios contains a bug when parsing gre packets with gre source routing information. a specially crafter gre packet can cause the router to reuse packet packet data from unrelated ring buffer memory. the resulting packet is reinjected in the routing queues”.

this is the cisco response:
http://www.securiteam.com/unixfocus/5tp0620jpk.html
original url: http://www.cisco.com/warp/public/707/cisco-sr-20060906-gre.shtml

if you are not into routing, this is what gre is:
http://en.wikipedia.org/wiki/generic_routing_encapsulation

gadi evron,
ge@beyondsecurity.com.

Share
  • UNIX?

    Why is the securiteam article of Cisco’s response under unixfocus? doh!