Cisco Systems (Profile, Products, Articles) has warned that its IOS router operating system software is vulnerable to another serious security flaw, affecting the authentication system for FTP and telnet connections. The flaw could allow attackers to take over or repeatedly crash devices running the widely used operating system.
The warning follows on the heels of a controversy that saw Cisco using legal action against a security researcher to prevent him from disclosing techniques for exploiting Cisco routers. The problem was serious enough for security giant Symantec (Profile, Products, Articles) to raise its overall Internet danger level a notch.
The problem affects the Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions, a feature allowing administrators to set security profiles for individual users logging on to network services via FTP or telnet. The software is vulnerable to a common type of bug -- a buffer overflow -- when a user remotely creates a TCP connection to an affected IOS device.
View: The full story
News source: InfoWorldRead full story...
News source:
Full Story
Hybrid Mode
