Apologies for responding to my own post, but Secunia
has released more details on this vulnerability alert,
specifically:
[snip]
A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products:
* Cisco IP Phones 7902/7905/7912
* Cisco ATA (Analog Telephone Adaptor) 186/188
* Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected:
* Cisco 500 Series Content Engines
* Cisco 7300 Series Content Engines
* Cisco Content Routers 4400 series
* Cisco Content Distribution Manager 4600 series
* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
Solution:
See patch matrix in vendor advisory for information about fixes.
http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
Provided and/or discovered by:
NISCC credits Dr. Steve Beaty.
Original Advisory:
Cisco:
http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC:
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
[snip]
http://secunia.com/advisories/15472/
- ferg