Advertisement
 
To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------
Cisco bug lurks near switches

By Staff writers, 0
July 02, 2001
URL: http://www.zdnet.com.au/news/soa/Cisco-bug-lurks-near-switches/0,139023165,120235951,00.htm


Networking hardware maker Cisco Systems and the Computer Emergency Response Team (CERT) Coordination Centre have warned of a bug in Cisco routers that could allow hackers to disrupt Internet traffic or intercept sensitive information.

The bug allows an attacker to gain control of any Cisco router running certain operating software. Routers are devices that control how data moves around the Internet. Malicious attackers could stop Internet traffic, intercept information such as passwords and credit card numbers, or redirect traffic from Web sites.

The vulnerability allows a person to take control of the router without authorisation. It affects "virtually all" mainstream Cisco routers and switches running Cisco's proprietary operating software, known as IOS.

"This access allows a remote attacker to inspect or change the configuration of the device, effectively allowing complete control," Internet security watchdog CERT wrote in an advisory.

Cisco said the vulnerability is caused by a flaw in the Web-server embedded in its routers that allow administrators to remotely control the devices via the Internet. As a result, it is possible to by-pass authentication and exercise complete control over the router. The vulnerability requires little skill to exploit: an attacker can simply send a crafted URL, and commands will be executed on the router.

Cisco is recommending that these internal Web servers be disabled. The company is providing a software upgrade and a "workaround" to fix the problem, which will be available on its Web site.

Cisco said it has not had any reports of the bug being exploited. The bug originally was reported by independent consumers.

"We've had no reports by customers of active exploitation of these vulnerabilities," a Cisco spokeswoman confirmed in an e-mail interview. "The vulnerabilities have been or are in the process of being fixed, and the security advisories are being shared with customers."

Staff writer Matthew Broersma reported from London.

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.