Cisco discloses the latest ICMP attack method against routers

Source: Internet
Author: User

In a recent IOS security bulletin, Cisco warned that a public management protocol used on the Internet can be exploited to launch denial-of-service (DoS) attacks against Cisco routers and other IP-based devices.
The bulletin warns of potential attacks based on the Internet Control Message Protocol (ICMP) that may make IOS devices unavailable. Cisco's bulletin is based on one issued by the National Infrastructure Security Coordination Center (NISCC). The NISCC announcement refers to a document published on the IETF website that describes how ICMP can be used to launch DoS attacks against TCP communication.
ICMP is a subprotocol of the TCP/IP protocol family. It is used to transmit control messages between IP hosts and routers. Control messages are messages about the network itself, such as network connectivity, host reachability, and route availability. According to the IETF document, attackers may send ICMP "hard error" messages to devices running TCP, causing them to reset TCP connections or reduce the throughput of TCP connections. If such ICMP messages are sent repeatedly, the device may become unreachable on the network. The IETF document also outlines another DoS attack method that abuses Path MTU Discovery (PMTUD). PMTUD is a mechanism that processes ICMP error messages.
Cisco says that only routers and other devices running IOS with PMTUD enabled are vulnerable to this attack, and that ICMP "hard error" message attacks are ineffective against Cisco devices. However, all versions of IOS 10.x, 11.x, and 12.x are vulnerable to PMTUD-based attacks. Other devices that are not IOS-based are also vulnerable, including Cisco Aironet WLAN devices, stacked and rack-mounted Catalyst switches, and ONS optical network devices.
Cisco says that PMTUD is disabled by default on IOS devices running IPv4, but enabled by default on IOS devices running IPv6 or IPSec, such as VPN devices and PIX security appliances. Cisco warned that its CRS-1 Internet router, which runs the IOS-XR operating system, is vulnerable to both PMTUD attacks and ICMP "hard error" message attacks (PMTUD is disabled by default in IOS-XR).
Cisco has released software patches for these vulnerabilities. Cisco also says that disabling PMTUD on a Cisco device resolves the problem.
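
For defenders who want to see the two message classes described above on the wire, here is an added example (not from Cisco's bulletin or the original article): a Python classifier that parses an ICMP Destination Unreachable message, recovers the quoted TCP flow, and separates hard errors from PMTUD "fragmentation needed" messages that advertise a suspiciously small next-hop MTU. The 576-byte alert threshold, the function names and the sample addresses are assumptions.

```python
import struct

# Destination Unreachable codes that RFC 1122 treats as hard errors for TCP
# (code 4 is also listed there, but is handled separately below as PMTUD).
HARD_CODES = {2: "protocol unreachable", 3: "port unreachable"}
FRAG_NEEDED = 4     # RFC 1191: carries the next-hop MTU consumed by PMTUD
MTU_FLOOR = 576     # assumed alert threshold, tune per network

def classify_icmp(msg: bytes, mtu_floor: int = MTU_FLOOR) -> dict:
    """Classify one ICMP message (bytes starting at the ICMP header)."""
    if len(msg) < 8 + 20 + 8:
        return {"verdict": "ignore", "reason": "too short to quote a TCP segment"}
    icmp_type, code, _csum, _unused, next_mtu = struct.unpack("!BBHHH", msg[:8])
    if icmp_type != 3:
        return {"verdict": "ignore", "reason": "not destination unreachable"}
    inner = msg[8:]                      # quoted IP header + first 8 payload bytes
    ihl = (inner[0] & 0x0F) * 4
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8 or inner[9] != 6:
        return {"verdict": "ignore", "reason": "quoted packet is not IPv4/TCP"}
    sport, dport, seq = struct.unpack("!HHI", inner[ihl:ihl + 8])
    flow = {"src": ".".join(map(str, inner[12:16])), "sport": sport,
            "dst": ".".join(map(str, inner[16:20])), "dport": dport, "seq": seq}
    if code in HARD_CODES:
        return {"verdict": "hard-error", "reason": HARD_CODES[code], **flow}
    if code == FRAG_NEEDED:
        verdict = "pmtud-low-mtu" if next_mtu < mtu_floor else "pmtud"
        return {"verdict": verdict, "next_hop_mtu": next_mtu, **flow}
    return {"verdict": "soft-error", "reason": f"code {code}", **flow}

def build_sample(code: int, next_mtu: int = 0) -> bytes:
    """Constructed sample quoting a TCP segment 192.0.2.10:40000 -> 198.51.100.5:443."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0x4000, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    tcp8 = struct.pack("!HHI", 40000, 443, 1000)
    # Checksum is left at 0: the sample is only fed to the parser above.
    return struct.pack("!BBHHH", 3, code, 0, 0, next_mtu) + ip + tcp8

if __name__ == "__main__":
    for code, mtu in [(3, 0), (4, 1400), (4, 68), (1, 0)]:
        print(classify_icmp(build_sample(code, mtu)))
```

A sustained stream of `hard-error` or `pmtud-low-mtu` verdicts for the same flow is the pattern worth alerting on.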
