Feeds

Cisco visits top clients to warn of SNMP bugs

Door for possible DoS exploits

  • alert
  • submit to reddit

7 Elements of Radically Simple OS Migration

Cisco has publicly disclosed a number of potentially devastating security vulnerabilities affecting the operating system used by its routers and switches.

In the most serious case, flaws in the way Cisco's Internetwork Operating System (IOS) implements Simple Network Management Protocol (SNMP), a standard for the remote administration of network devices, could leave the door open to fresh types of denial of service attacks.

Multiple versions of IOS contain several independent, but related, vulnerabilities involving the unexpected creation and exposure of SNMP community strings, which define how operating variables can be viewed or modified on a networked device.

"Knowledge of read-write community strings allows remote configuration of affected devices without authorisation, possibly without the awareness of the administrators of the device and resulting in a failure of integrity and a possible failure of availability," Cisco discloses in a security notice, available here.

Roy Hills, testing development director at security testing firm NTA Monitor, said: "What Cisco has said indicates there's potential for denial of service attack, the question is how easy this would be. Any real damage possible with the vulnerability depends on the scope of access and whether an exploit became posted."

According to Hills, the vulnerability is a "major issue" because so many devices will need to be modified, a particular headache for service providers.

The vulnerability affects almost all Cisco routers and switches, but not its voice gateways, optical switches or firewalls.

Cisco is taking the issue very seriously and took the highly unusual step of visiting its most important customers to discuss the issue beforehand, including one Register reader who told us he received a short-notice visit from three senior Cisco techies last week.

To fix the bugs, Cisco is offering free software upgrades for various versions of its operating system, all of which are affected by the problem. Pending the availability of some of these fixes, Cisco has suggested a workaround involving blocking SNMP access.

Separately, Cisco has warned that IOS contains a flaw which permits the successful prediction of TCP Initial Sequence Numbers; this makes it easier to forge messages that could allow crackers to break into systems.

However, exploitation of the vulnerability is only possible for TCP sessions which originate or terminate on the affected Cisco device itself, not on traffic flowing through it. More information on this bug is available here. ®

Related stories:
Cisco routers vulnerable to easy attack
Cisco 600 routers offer cracker fun

Best practices for enterprise data

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
VMware builds product executables on 50 Mac Minis
And goes to the Genius Bar for support
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?