Feeds

Protocol switch security risk in Cisco IOS

Cute, but far from devastating

  • alert
  • submit to reddit

New hybrid storage solutions

Don't hold the front page: a vulnerability in a Cisco security software package for routers has been discovered - but the risk is moderate.

In a security notice issued today, Cisco said its IOS Firewall Feature Set (also known as Context Based Access Control [CBAC]), has a vulnerability which permits traffic to flow when it should be blocked by dynamic access control lists.

When Cisco's Firewall Feature Set software builds up a table of connections it has "allowed", it forgets to check the protocol type on subsequent connections. So, for example, if you allow UDP port 514 (syslog) through, you also permit TCP port 514 (rsh) through.

A Cisco customer discovered the bug but the networking giant is not aware of any malicious exploitation of the problem.

Russ Spooner, a security consultant at network security specialists Interrorem, described the vulnerability as "cute", but far from devastating.

"I can see a scenario where a Trojan could be used to trick a victim to opening a large number of UDP connections with a malicious host, which might permit the malicious host to back connect using TCP," said Spooner. But there are easier ways to control Trojans and an attacker would still need to plant malicious code on a victim's network.

Roy Hills, testing development director at security consultants NTA Monitor, said: "In my experience, very few people actually use Cisco Firewall Feature Set as a firewall, even though it is sometimes sold as such. The only people that I know who use this firewalling feature use it in conjunction with another firewall."

Confusingly the problem doesn't apply to Cisco PIX Firewall product, only a security component of its IOS software, which runs on routers and switches.

No immediate workaround for the problem is available but Cisco has produced a schedule for updating its Cisco IOS software, within an advisory that explains the issue in much greater technical depth. ®

Related stories

SSH hits the fan for Cisco on security
Multiple flaws in Cisco router software exposed
Cisco routers vulnerable to easy attack
Defending against SYN-flood DoS attacks
DoS attacks getting scary, CERT warns

External links

Cisco's advisory which, if anything, implies the problem is more serious than it really is

Secure remote control for conventional and virtual desktops

More from The Register

next story
Leak of '5 MEELLLION Gmail passwords' creates security flap
You should be OK if you're not using ANCIENT password
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Enigmail PGP plugin forgets to encrypt mail sent as blind copies
User now 'waiting for the bad guys come and get me with their water-boards'
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.