09.08.05
Cisco IOS Flaw Is Exploitable
By David Utter
Security firm Symantec believes the widespread use of Cisco devices will make them
an irresistible target for malicious hackers.
Networking giant Cisco has announced
the presence of a flaw in the Firewall Authentication Proxy for FTP/Telnet sessions.
The proxy, part of Cisco's IOS software that forms the heart of its devices, could
fall victim to an exploitable buffer overflow condition. "Given the
recent attention to exploitation of vulnerabilities in Cisco's IOS it is possible
that this issue will see attempts at exploit development in the near term," Symantec
said in its advisory. Systems that only use the Authentication Proxy for HTTP/HTTPS
sessions are not vulnerable, according to Cisco, and the company has workarounds
and fixes posted on its web site.
Cisco's IOS was the focus of a controversial presentation at this year's Black
Hat conference in Las Vegas. A security professional named Michael Lynn quit his
job with ISS and defied Cisco by going forward with a discussion on the innate
vulnerability of the company's IOS.
He predicted that, while the hole he was discussing had been fixed, others posing
a similar threat would be found. This newest flaw exposes the affected Cisco
devices to being shut down by a denial-of-service attack or, worse, to execution
of arbitrary code by a remote user.
Administrators of Cisco devices running IOS versions 12.2ZH, 12.2ZL, 12.3, 12.3T,
12.4 and 12.4T need to either disable the proxy or restrict access to it
to trusted systems. More information can be found in the advisory, or service
contract holders can work with their usual points of contact for assistance.
About the Author:
David Utter is a staff writer for WebProNews covering technology and business.