Cisco fixes IOS, intrusion defense flaws

Bill Brenner, Senior News Writer

Attackers could exploit flaws in Cisco Systems' Internetwork Operating System (IOS) and intrusion defense products to gain privileged access to vulnerable devices, bypass security restrictions or cause a denial of service. But fixes are available.

The San Jose, Calif.-based networking giant released two advisories this week, one addressing a flaw in IOS. Specifically, the flaw affects IOS software running on the Cisco IAD2400 series, 1900 Series Mobile Wireless Edge Routers and Cisco VG224 Analog Phone Gateways.

In its advisory on the flaw, the French Security Incident Response Team (FrSIRT) said the problem is a design error where "a default hard-coded Simple Network Management Protocol (SNMP) community string intended for Data Over Cable Service Interface Specification (DOCSIS) compliant interfaces is enabled on devices configured for SNMP management." Attackers could exploit the flaw to gain privileged access to a vulnerable device.

Cisco's advisory outlines how customers can switch to a fixed version of the software.

Meanwhile, two vulnerabilities have surfaced in Cisco's Intrusion Detection (IDS) and Intrusion Prevention (IPS) Systems, which an attacker could exploit to cause a denial of service or bypass security restrictions.

The first problem is an error in the Web administration interface that doesn't properly handle malformed SSLv2 Client Hello packets. Attackers could exploit this to cause a vulnerable device to become unresponsive to all future remote management requests through the Web administration interface or the command-line interface (CLI) via SSH and the console.

The second problem is an error that appears when fragmented IP packets are processed. Attackers could exploit this to evade traffic inspection and circumvent the protections provided by a vulnerable device.

Cisco recommends customers upgrade to IDS version 4.1(5c) and IPS version 5.0(6p2) or 5.1(3) to fix the flaws.

