SoylentNews is people
SoylentNews
from the don't-let-your-router's-memory-get-too-tired dept.
Attackers are trying to exploit a high-severity zeroday in Cisco gear:
Telecoms and data-center operators take note: attackers are actively trying to exploit a high-severity zeroday vulnerability in Cisco networking devices, the company warned over the weekend.
The security flaw resides in Cisco's iOS XR Software, an operating system for carrier-grade routers and other networking devices used by telecommunications and data-center providers. In an advisory published on Saturday, the networking-gear manufacturer said that a patch is not yet available and provided no timeline for when one would be released.
CVE-2020-3566, as the vulnerability is tracked, allows attackers to "cause memory exhaustion, resulting in instability of other processes" including but not limited to interior and exterior routing protocols. Exploits work by sending maliciously crafted Internet Group Management Protocol traffic. Normally, IGMP communications are used by one-to-many networking applications to conserve resources when streaming video and related content. A flaw in the way iOS XR Software queues IGMP packets makes it possible to consume memory resources.
"An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device," Saturday's advisory stated. "A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols."
[...] The advisory provides indicators that users can check to look for evidence they're under attack. The document says there are no workarounds available to use until a patch can be installed. It does, however, list things administrators can do to mitigate the effects.
Link to the Common Vulnerabilities and Exposures entry for: CVE-2020-3566.
(Score: 1, Troll) by fakefuck39 on Sunday September 06 2020, @11:41PM (9 children)
That's cute. Fuck Cisco and their walled garden. I want to own my devices damn it. How about if you don't know the difference between a hipster phone and a BGP router, you post articles about xbox games instead of datacenter. If your router takes IGMP from random laptops, you got bigger problems to worry about. If your management server has been compromised to send accepted IGMP, you got bigger problems than your router rebooting (which you have a redundant router for anywise).
No, non-technical ARS journalist, attackers are not trying to exploit this. No telco/carrier told you this. You are lying, and you are an idiot. Cisco iOS. lol.
(Score: 2) by PinkyGigglebrain on Monday September 07 2020, @12:54AM (8 children)
hate to break this too you but there really is a Cisco IOS [wikipedia.org]
You might want to apologize for calling the kettle black
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 1, Funny) by Anonymous Coward on Monday September 07 2020, @01:10AM (3 children)
Where are those IGMP packets, they seem like a hard thing
I tried to reach for you, but you have closed your ping
Whatever happened to our love?
I wish I understood
It used to be so nice, it used to be so good
So when you're near me, bluetooth can't you hear me
iOS
The ping you gave me, nothing else can save me
IOS
(Score: 2) by PinkyGigglebrain on Monday September 07 2020, @01:16AM
Sung to the music of SOS by ABBA.
Well played poster, well played, I tip my hat to you :)
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 2) by jasassin on Monday September 07 2020, @05:12AM (1 child)
I believe you are mistaking IGMP (group management) for ICMP (type 8, echo request).
ICMP is actually a user of the IP protocol--in other words, ICMP messages must be encapsulated within IP packets. However, ICMP is implemented as part of the IP layer. So ICMP processing can be viewed as occurring parallel to, or as part of, IP processing. An echo request, or ping, is ICMP type 8.
IGMP messages are encapsulated in IP datagrams, with an IP protocol number of 2.
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 0) by Anonymous Coward on Monday September 07 2020, @09:45AM
My sincere apologies for not reviewing the relevant RFCs and OSI model documentation that I haven't read since the '90s before rewriting part of an ABBA song to point out the difference between "iOS" and "IOS".
(Score: -1, Troll) by fakefuck39 on Monday September 07 2020, @01:41AM (2 children)
I can see you're the Pinky part of your username. I love it when people who don't know shit are sarcastic and condescending. It's like a guy who shat his pants yelling that it smells like shit. We all know the smell is coming from you.
(Score: 2) by PinkyGigglebrain on Monday September 07 2020, @03:16AM (1 child)
oh I wasn't trying to be sarcastic. just pointing out that some of your information was wrong, and that if your going to call someone an idiot you should make sure your not going to sound like one doing it as well.
Condescending? Mmmmm nope. I wasn't putting that much effort into the comment, maybe next time.
Now we could get a dick waving contest over who knows their shit and who doesn't but you know what? Your not worth the effort. I've got better thing to do with the rest of my evening.
Sorry I hit a nerve, I didn't expect you to be so sensitive about being corrected. It happens all the time, to everyone. If you can't handle it then maybe you shouldn't post.
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 0, Troll) by fakefuck39 on Monday September 07 2020, @05:33AM
No nerve hit - people making fun of you don't have a hit nerve - we're just getting our entertainment by laughing at clowns.
"hate to break this too" and "you should apologize" and your pot in a kettle is called talking down to someone. Now, I'm not offended by this. It's just you with your full diaper yelling it smells bad.
My original statement was right, and you like the article's author are both wrong. And no, despite what you say now, your reply was not "sarcasm" - you genuinely thought you were correcting me - that's quite obvious.
Do you often correct people who are right, with your wrong information, and call it "sarcasm?" Because I call that a fool announcing himself.
(Score: 0) by Anonymous Coward on Monday September 07 2020, @08:23AM
*whoosh*