Feeds

Cisco visits top clients to warn of SNMP bugs

Door for possible DoS exploits

  • alert
  • submit to reddit

Security for virtualized datacentres

Cisco has publicly disclosed a number of potentially devastating security vulnerabilities affecting the operating system used by its routers and switches.

In the most serious case, flaws in the way Cisco's Internetwork Operating System (IOS) implements Simple Network Management Protocol (SNMP), a standard for the remote administration of network devices, could leave the door open to fresh types of denial of service attacks.

Multiple versions of IOS contain several independent, but related, vulnerabilities involving the unexpected creation and exposure of SNMP community strings, which define how operating variables can be viewed or modified on a networked device.

"Knowledge of read-write community strings allows remote configuration of affected devices without authorisation, possibly without the awareness of the administrators of the device and resulting in a failure of integrity and a possible failure of availability," Cisco discloses in a security notice, available here.

Roy Hills, testing development director at security testing firm NTA Monitor, said: "What Cisco has said indicates there's potential for denial of service attack, the question is how easy this would be. Any real damage possible with the vulnerability depends on the scope of access and whether an exploit became posted."

According to Hills, the vulnerability is a "major issue" because so many devices will need to be modified, a particular headache for service providers.

The vulnerability affects almost all Cisco routers and switches, but not its voice gateways, optical switches or firewalls.

Cisco is taking the issue very seriously and took the highly unusual step of visiting its most important customers to discuss the issue beforehand, including one Register reader who told us he received a short-notice visit from three senior Cisco techies last week.

To fix the bugs, Cisco is offering free software upgrades for various versions of its operating system, all of which are affected by the problem. Pending the availability of some of these fixes, Cisco has suggested a workaround involving blocking SNMP access.

Separately, Cisco has warned that IOS contains a flaw which permits the successful prediction of TCP Initial Sequence Numbers; this makes it easier to forge messages that could allow crackers to break into systems.

However, exploitation of the vulnerability is only possible for TCP sessions which originate or terminate on the affected Cisco device itself, not on traffic flowing through it. More information on this bug is available here. ®

Related stories:
Cisco routers vulnerable to easy attack
Cisco 600 routers offer cracker fun

Providing a secure and efficient Helpdesk

More from The Register

next story
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
CAGE MATCH: Microsoft, Dell open co-located bit barns in Oz
Whole new species of XaaS spawning in the antipodes
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.