New Cisco flaw deeply worries Security vendor Symantec

By Derek Sooman on September 8, 2005, 4:36 AM
Security vendor Symantec has raised its Internet threat level in response to a serious flaw in Cisco Systems software that could be exploited to crash or remotely run malicious code on IOS based devices. IOS is the operating system used on Cisco Systems routers and some network switches. It is a complete multi-tasking operating system and provides kernel services such as process scheduling as well as the command line interface and routing software. IOS based devices make up a large portion of the Internet's infrastructure.

"Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code," Cisco said in its advisory. "Repeated exploitation could result in a sustained (denial of service) attack or execution of arbitrary code."
The vulnerability doesn't affect all versions of IOS, according to Cisco, and the Firewall Authentication Proxy for FTP and Telnet Sessions have to be in use. Nevertheless, this remains a deeply worrying security threat to the Internet, thus the increase in Internet threat level by Symantec.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.