TechTarget

Cisco network products are hit by buffer overflow in wake of Nimda

Reports from concerned users claim that some Cisco Catalyst routers, Cisco Call Manager 3 and Pix firewalls have repeatedly...

Reports from concerned users claim that some Cisco Catalyst routers, Cisco Call Manager 3 and Pix firewalls have repeatedly crashed or had to be shut down after operators were unable to control data traffic or change settings.

One network manager on the Cisco User Forum said, "We have got a really nasty situation that cropped up after Nimda did its damage to a Web server. The attack drove the router to 100% utilisation, and now the unit won't block TCP 80."

Similar reports are coming from other newsgroups and Cisco has set up an advisory on its Web site.

In security advisories issued after the Code Red attack in July, Cisco recommended turning off port 80, normally used as a last resort for controlling large flows of Internet data. Scott Blake of security consultancy Bindview said, "We have heard a few reports of Cisco products being affected and it sounds like a classic buffer overrun attack due to the huge volumes of traffic generated by the Nimda virus."

Bindview said IOS, the built-in operating system of the affected Cisco products, could be being corrupted, causing anomalous behaviour. "It is unlikely that the virus writers intended this. It is more likely to be a by-product of the virus. Cisco generally makes good kit but, when it is attacked in this way, there is not a lot they can do," said Blake. "All the affected customer can do is to reload IOS and send Cisco a letter complaining about the problem and telling them to do better in the future."

www.cisco.com/warp/public/63/nimda_index.shtml

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close