Cisco had warned that its IOS router operating system was vulnerable to a flaw that affected the Firewall Authentication Proxy for FTP and Telnet Sessions. Potentially, the flaw could enable attackers to repeatedly crash or take control of the operating system.

Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code, Cisco said in its advisory last week. Repeated exploitation could result in a sustained DoS attack or execution of arbitrary code on Cisco IOS devices.

Software patches were made available from Cisco at the time of the advisory. Administrators could dodge the problem by deploying authentication services for HTTPS and HTTP instead, Cisco said.

Devices that don’t have the Firewall Authentication Proxy for Telnet or FTP configured would not be affected, Cisco said.

Cisco spokesman John Noh said the company has never heard of any security breaches with its IOS router.

However, the latest warning comes shortly after former Internet Security Systems Inc researcher Michael Lynn cracked Cisco’s IOS software and shared his knowledge with the crowd at the Black Hat 2005 conference.

Cisco used legal action to prevent him from disclosing his techniques, which created something of an uproar and was shortly followed by an attacker breaching Cisco’s Web site security. (As a result, the company had to reset its customer and user passwords.)

Mr Noh said the latest IOS flaw was discovered through internal Cisco testing.