Cisco IOS Security Hole

Posted in Security by Dragan Pleskonjic @ Sep 8, 2005

Cisco company, which sells much of the hardware that runs big part of Internet and many private networks, has admitted that some of the newest versions of its Internetwork Operating System (IOS) have a serious security hole. According to a security warning, users should upgrade to alternate editions or install fixed versions of IOS.

The hole is in the Firewall Authentication Proxy for FTP and/or Telnet Sessions in versions of IOS 12.2 through 12.4. It can be used for a denial-of-service (DoS) attack which would likely bring down the device or take control of it.

All the attacker has to do is complete a TCP connection to a IOS-running device, launching the exploit when the device is performing an user authentication.

If you don’t want to upgrade to more secure versions, Cisco suggests disabling any firewall authentication feature for Telnet and FTP sessions and instead deploy firewall authentication for HTTP and HTTPS sessions.

There is “Cisco Security Advisory: Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow” at:
http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml

Sphere: Related Content

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment