Article

Cisco patches multiple IOS flaws

Bill Brenner

Cisco Systems has patched its Internetwork Operating System (IOS) against security holes an attacker could exploit to cause a denial of service or access network resources.

The San Jose, Calif.-based networking giant described the problems in two advisories. The first

    Requires Free Membership to View

said IOS software versions 12.2T, 12.3 and 12.3T "may contain vulnerabilities in processing certain Internet Key Exchange (IKE) XAUTH messages when configured to be an Easy VPN Server. Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources."

Danish security firm Secunia said in its advisory that:

  • An error in how Internet Key Exchange Extended Authentication (XAUTH) messages are handled can be exploited to complete authentication and gain access to network resources using specially crafted packets.
  • An error in how Internet Security Association and Key Management Protocol (ISAKMP) profile attributes are handled could result in the attributes not being processed properly.

XAUTH is an extension to IKE that lets organizations use existing legacy authentication methods to manage remote access. ISAKMP is a standard that specifies the framework for key exchange and authentication.

Cisco's second advisory said certain versions of IOS may be susceptible to a denial-of-service attack "when configured to use the IOS Secure Shell (SSH) server in combination with Terminal Access Controller Access Control System Plus (TACACS+) as a means to perform remote management tasks on IOS devices."

More on Cisco and security

Read about Cisco's grand plan for incorporating security into its product line.

The case for self-defending networks

 

Secunia's advisory said there is also a memory leak attackers could exploit to exhaust memory resources when SSH users are authenticated against a TACACS+ server and login fails due to invalid credentials.

Cisco said these issues affect any Cisco device running an unfixed version of IOS that supports and is configured to use the SSH server functionality.

The SSH protocol is designed to provide a secure, encrypted connection to a Cisco IOS device. This connection provides functionality similar to a telnet connection, Cisco said. The difference is that all traffic between the server and the client, including authentication information, travels encrypted through the wires. TACACS provides a way to centrally validate users attempting to gain access to servers, workstations, routers, switches, access servers, and other network devices, the company said.

The Cisco advisories offer full details on what the patches do and where to install them.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: