A vulnerability in Cisco's Internetwork Operating System (IOS) could be exploited by remote attackers to crash...
or run malicious code on devices that run the software.
IOS runs on Cisco's routers and switches, which make up a large portion of the internet's infrastructure, as well as being used across enterprises.
In an advisory note, Cisco said, "Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code. Repeated exploitation could result in a sustained denial of service attack."
The flaw does not affect all versions of IOS. Cisco has issued a patch to protect IOS versions 12.2ZH, 12.2ZL, 12.3, 12.3T, 12.4 and 12.4T.
Last month Cisco issued new passwords to registered users of its website after discovering a vulnerability in a search tool that could expose log-in details.
In August Cisco had to patch another flaw in IOS, which could allow a hacker to gain remote access to any router running the operating system using a buffer overflow attack.
Analyst firm Gartner warned that the discovery of the flaw in the Cisco operating system opened up the possibility of more serious exploits against routers and switches and could stem from the theft of Cisco source code in 2004.