SoylentNews is people
SoylentNews
from the don't-let-your-router's-memory-get-too-tired dept.
Attackers are trying to exploit a high-severity zeroday in Cisco gear:
Telecoms and data-center operators take note: attackers are actively trying to exploit a high-severity zeroday vulnerability in Cisco networking devices, the company warned over the weekend.
The security flaw resides in Cisco's iOS XR Software, an operating system for carrier-grade routers and other networking devices used by telecommunications and data-center providers. In an advisory published on Saturday, the networking-gear manufacturer said that a patch is not yet available and provided no timeline for when one would be released.
CVE-2020-3566, as the vulnerability is tracked, allows attackers to "cause memory exhaustion, resulting in instability of other processes" including but not limited to interior and exterior routing protocols. Exploits work by sending maliciously crafted Internet Group Management Protocol traffic. Normally, IGMP communications are used by one-to-many networking applications to conserve resources when streaming video and related content. A flaw in the way iOS XR Software queues IGMP packets makes it possible to consume memory resources.
"An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device," Saturday's advisory stated. "A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols."
[...] The advisory provides indicators that users can check to look for evidence they're under attack. The document says there are no workarounds available to use until a patch can be installed. It does, however, list things administrators can do to mitigate the effects.
Link to the Common Vulnerabilities and Exposures entry for: CVE-2020-3566.
(Score: 2) by PinkyGigglebrain on Monday September 07 2020, @03:16AM (1 child)
oh I wasn't trying to be sarcastic. just pointing out that some of your information was wrong, and that if your going to call someone an idiot you should make sure your not going to sound like one doing it as well.
Condescending? Mmmmm nope. I wasn't putting that much effort into the comment, maybe next time.
Now we could get a dick waving contest over who knows their shit and who doesn't but you know what? Your not worth the effort. I've got better thing to do with the rest of my evening.
Sorry I hit a nerve, I didn't expect you to be so sensitive about being corrected. It happens all the time, to everyone. If you can't handle it then maybe you shouldn't post.
"Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master."
(Score: 0, Troll) by fakefuck39 on Monday September 07 2020, @05:33AM
No nerve hit - people making fun of you don't have a hit nerve - we're just getting our entertainment by laughing at clowns.
"hate to break this too" and "you should apologize" and your pot in a kettle is called talking down to someone. Now, I'm not offended by this. It's just you with your full diaper yelling it smells bad.
My original statement was right, and you like the article's author are both wrong. And no, despite what you say now, your reply was not "sarcasm" - you genuinely thought you were correcting me - that's quite obvious.
Do you often correct people who are right, with your wrong information, and call it "sarcasm?" Because I call that a fool announcing himself.