The Cisco Internetwork Operating System (IOS) may permit arbitrary
code execution after exploitation of a heap-based buffer overflow
vulnerability. Cisco has included additional integrity checks in its software,
as further described below, that are intended to reduce the likelihood of
arbitrary code execution.
Cisco has made free software available that includes the additional
integrity checks for affected customers.
Cisco is not aware of any active exploitation of this vulnerability.
This advisory documents changes to Cisco IOS® as a result of continued research
related to the demonstration of the exploit for another vulnerability which
occurred in July 2005 at the Black Hat USA Conference. Cisco addressed the IPv6
attack vector used in that demonstration in a separate
published on July 29, 2005.
Read the full security advisory. This affects all Cisco products that run any version of IOS (except
Cisco IOS XR). Attackers can crash your box, or worse, run shell
code. From the looks of it, this might be the fix for the hole
that Mike Lynn was trying to expose. I blogged about this a few