Home > Security News > Exploit code lurks for Cisco flaw
Security News:
EMAIL THIS

Exploit code lurks for Cisco flaw

By Edward Hurley, SearchSecurity.com News Writer
21 Jul 2003 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Code that exploits a recently revealed flaw in Cisco's router operation system is publicly available, so now it's up to network administrators to patch their systems or face attack.

There have been isolated reports over the weekend of attackers trying to exploit the vulnerability, which is in Cisco's network operating system, IOS, when processing IP version 4 (IPv4) packets. More than 100 of Cisco's products are susceptible including routers and switches.

ISPs are taking the flaw seriously and are patching their systems. "We have not seen the huge blackouts that would have occurred if they hadn't started to address the issue," said Dave Cole, director of products at Foundstone Inc., Mission Viejo, Calif. "The urgency to patch systems has certainly increased because the exploit is now available."

The Computer Emergency Response Team at Carnegie Mellon University in Pittsburgh has issued an advisory because the exploit code was posted to some Internet mailing lists. Symantec and Internet Security Systems have both raised their threat levels for the vulnerability because of the code's release.

In general, the release of exploit code increases the danger of vulnerabilities as it allows people with limited technical savvy to take advantage of the flaws. Instead of having to write the precise packets needed to attack the flaw, a would-be attacker would only have to cut and paste the information from the Internet. In the case of the Cisco vulnerability, exploiting it would trigger a denial-of-service attack that could shut down Web sites and network access points.

Exploiting the vulnerability requires sending some specially crafted IPv4 packets to affected systems. The packets would trick the systems into thinking they are full. The routers and switches would then stop processing traffic, which would render Web servers and other network-dependent systems inaccessible.

The release of the exploit code wasn't surprising given the fact that advisories give would-be attackers the information they need to create the code, Cole said. "The real question is whether people would have enough time to perform upgrades to their systems."

FOR MORE INFORMATION:

SearchSecurity.com news exclusive: "Fix for Cisco flaw will be tricky"

Cisco's security bulletin (including the patch)



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts