Vulnerabilities are exposed and discussed in this Network World Fusion article.
Thanks Phil Hochmuth, for the info about three more flaws reported in Cisco IOS:
- BGP
- MPSL
- IPv6
In each case malformed packets may cause the router to reset, acting as a defacto denial of service attack. In the Border Gateway Protocol context however, the malformed packets can only be delivered by a trusted BGP router peer, so risks are lower.
I applaud Cisco for being forthcoming with these flaws and quickly developing and releasing their fixes. It is critical in modern business to step up protection of critical functions like networking. However, I would expect that they would be willing to work with their peers in the industry to strengthen security of the network infrastructure around the world and around the economy. Unfortunately, recent experience tells a different tale.