Users warned of new flaw in Cisco IOS


Users warned of new flaw in Cisco IOS

Antony Savvas

A vulnerability in Cisco's Internetwork Operating System (IOS) could be exploited by remote attackers to crash or run malicious code on devices that run the software.

IOS runs on Cisco's routers and switches, which make up a large portion of the internet's infrastructure, as well as being used across enterprises.

In an advisory note, Cisco said, "Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code. Repeated exploitation could result in a sustained denial of service attack."

The flaw does not affect all versions of IOS. Cisco has issued a patch to protect IOS versions 12.2ZH, 12.2ZL, 12.3, 12.3T, 12.4 and 12.4T.

Last month Cisco issued new passwords to registered users of its website after discovering a vulnerability in a search tool that could expose log-in details.

In August Cisco had to patch another flaw in IOS, which could allow a hacker to gain remote access to any router running the operating system using a buffer overflow attack. 

Analyst firm Gartner warned that the discovery of the flaw in the Cisco operating system opened up the possibility of more serious exploits against routers and switches and could stem from the theft of Cisco source code in 2004.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy