Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco Flaw Opens Routers to Attack

Posted by CowboyNeal on from the right-where-it-hurts dept.

Jack writes "Cisco is suffering from a serious flaw in its router operating system, which might allow execution of remote code: 'Cisco has warned of a new flaw in its IOS router operating system which might be used by attackers to launch denial of service attacks or take over IOS-based devices. The flaw causes to buffer overflow due to incorrect handling of user authentication credentials.'"

2 of 109 comments (clear)

  1. Further... by burtdub · · Score: 3, Interesting

    A Crisco flaw has left the routers open to deep pan frying.

  2. Re:Small companies? by hal9000(jr) · · Score: 3, Interesting

    Read the advisory.
    The affected subsystem is not the firewall, but the authentication proxies for ftp and telnet. It is doubtful that those features are being used all that much.
    The advisory also list a set of ACL that should suffice in most cases until a patch is issued.
    If this was a problem in the firewall or ACL subsystem, it would be a bigger issue because many companies use them to place a reduced ruleset for all traffic that should be blocked in all directions like netbios, snmp, etc.