Cisco warns of router security flaws


Antony Savvas

Cisco has reported major vulnerabilities in the Intrusion Prevention System (IPS) feature set of its Cisco IOS routing and switching operating system.

The flaws allow attackers to bypass the intrusion prevention system and enter users’ networks, or to crash a router and cause a denial of service.

Cisco said fragmented IP packets could be used by attackers to evade signature inspection by the security software.

In addition, IPS signatures that use the regular expression feature of the ATOMIC.TCP signature engine may cause a router to crash, resulting in a denial of service.

Cisco said there were workarounds available to mitigate the threats, and it has made free software available to address the vulnerabilities in affected systems.

A large number of Cisco products are threatened by the flaws, although Cisco said it was not aware of any attacks using the bugs in the wild.

The fragmented IP packets flaw was discovered internally by Cisco, and the other threat was reported to the supplier by a customer, said Cisco.
