C-Note-06-022: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulneabilities (9/21/06)

Cisco Intrusion Prevention System (IPS) software contains a denial of service vulnerability in web administration interface involving malformed Secure Socket Layer (SSL) packets and a fragmented packet evasion vulnerability.

There is a workaround for the web administration interface SSL denial of service vulnerability. There is no workaround for the fragmented packet IPS evasion vulnerability.

Cisco has made free software available to address these vulnerabilities for affected customers.

This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml

CIAC would like to thank Cisco for this information.