Security vendor Symantec has raised its Internet threat level
in response to a serious flaw
in Cisco Systems software that could be exploited to crash or remotely run malicious code on IOS based devices. IOS is the operating system used on Cisco Systems routers and some network switches. It is a complete multi-tasking operating system and provides kernel services such as process scheduling as well as the command line interface and routing software. IOS based devices make up a large portion of the Internet's infrastructure.
"Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code," Cisco said in its advisory. "Repeated exploitation could result in a sustained (denial of service) attack or execution of arbitrary code."
The vulnerability doesn't affect all versions of IOS, according to Cisco, and the Firewall Authentication Proxy for FTP and Telnet Sessions have to be in use. Nevertheless, this remains a deeply worrying security threat to the Internet, thus the increase in Internet threat level by Symantec.