Feeds

Security software crashes Cisco kit

Doh! Problems at Borg Central get sillier by the day

  • alert
  • submit to reddit

7 Elements of Radically Simple OS Migration

Probing Cisco's networking equipment with vulnerability scanning software is liable to crash its boxes, the networking giant has been forced to admit.

The problem, which is due to a flaw in the design of Cisco's IOS (Internetwork Operating System) software, can be exploited to produce a consistent denial of service (DoS) attack.

Cisco has advised customers using affected IOS software - 12.1(2)T and 12.1(3)T - to upgrade to later versions of the software, which it has promised to make freely available. The issue affects a large number of Cisco's router products and some of its LAN switches. More information on the issue is available here.

The DoS aspect of the flaw was discovered by what Cisco describes as "many" of its customers who uncovered the bug while conducting security scans of their networks. Despite this Cisco said it is yet to receive reports of malicious exploitation of the problem.

In its security notice Cisco stated: "Security scanning software can cause a memory error in Cisco IOS Software that will cause a reload to occur. The described defect can be used to mount a denial of service (DoS) attack on any vulnerable Cisco product."

Gunter Ollman, principal consultant at Internet Security Systems, which markets vulnerability scanning software, said that just about any vulnerability scanner would include a port scanner.

He added that the ports associated with the IOS bug are used by Trojan horse programs and would therefore routinely be scanned when a customer decided to audit the security of a network.

It's unclear how widely deployed affected products are but Ollman suggested that the defect was so obvious that it couldn't have gone unnoticed for long. He believes that upgrading an affected device is relatively straightforward but admits that this is just an educated guess on his part.

Last June, different versions of IOS were discovered to be subject to an eerily similar type of denial of service vulnerability which, like the latest bug, could be triggered by security scanning software. This would appear to call for a rewrite of this part of the software and we'd dearly love to quiz Cisco on this.

Unfortunately Cisco hasn't responded to our offer of cash for interviews. From a number of emails I've received from Register readers about their attempts to gain advice on patching up security holes with 600 series routers, it seems like the Borg aren't talking to their customers either. All enquiries are been referred to the users' service providers.

I've been paid today and am prepared to dip into my pocket for a chance to properly quiz Borg Central on this. Any payment must not conflict with my ability to pay for a round at the bar tonight. After all it is bank holiday weekend and some things are sacred... ®

External Links

Security Advisory: IOS Reload after Scanning Vulnerability

Related Stories

Multiple flaws in Cisco router software exposed
Cisco 600 routers offer cracker fun
Cisco routers vulnerable to easy attack

Best practices for enterprise data

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
VMware builds product executables on 50 Mac Minis
And goes to the Genius Bar for support
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?