Security researchers have reported a vulnerability in
the web server code of Cisco’s main router operating
system.
The flaw affects Cisco’s Internetwork Operating System (IOS)
used in the majority of Cisco’s routers and switches.
Armed with only the IP address of the router, the flaw
potentially allows remote attackers to gain administrative control
of a router or run arbitrary code on networks.
The threat has been reported by both the Secunia and
SecurityFocus internet security firms.
Using the opening, attackers can potentially view the data of a
router’s memory, otherwise known as a memory dump. This can be used
to gain administrator privileges.
Only Cisco routers running on IOS HTTP server software are
affected. IOS HTTP is used as a less complicated way to implement
and manage Cisco routers, as it is an alternative to text-based
command line instructions.
Cisco routers with IOS software versions 11.0 and higher are
vulnerable, as they ship with the HTTP server software.
The HTTP server feature is not enabled by default in most IOS
versions installed on routers, although companies may find that
their reseller or integrator has switched on the software.
Cisco says it is aware of the potential threat and is
considering whether to issue a patch.