- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Cisco last week warned of several vulnerabilities in its IOS software that attackers could use to bring down routers in enterprise and service provider networks.
The three separate software flaws are related to Border Gateway Protocol (BGP), Multi-protocol Label Switching (MPLS) and IPv6. Two of the three bugs present the opportunity for an outside attacker to send a specially crafted packet, which would disrupt the router and cause it to reload. Attackers could use this technique repeatedly to mount a denial-of-service attack on the router.
Cisco has updated software available to fix the IOS problems. The company says it has no reports of any of the three bugs being used in an attack.
The BGP, IPv6 and MPLS vulnerabilities in IOS come a week after an IOS flaw was reported that affects Cisco access routers to support IP telephony and VoIP services.
"IOS has had a number of these problems in the past, and Cisco has quietly fixed them," says Frank Dzubeck, president of consulting firm Communications Network Architects. "They never made a big deal about them, the way Microsoft does. Now the question becomes, is IOS the next Windows in terms of a security problem?"
Rss FeedRss Feed
The Leader in Network Knowledge
Comment