Cisco has warned of a vulnerability in its IOS Firewall Authentication Proxy which might be used by hackers to launch denial of service attacks against vulnerable systems. The vulnerability stems from a software bug in processing user authentication credentials which might be exploited to cause a buffer overflow.

Successful attacks can cause an affected device to reload and might even allow arbitrary code execution provided a vulnerable Authentication Proxy is configured to handle either FTP or Telnet Sessions. Devices that do not support, or are not configured for Firewall Authentication Proxy for either FTP or Telnet Services are not affected.

The vulnerability applies to various versions of Cisco IOS 12.x. An advisory from Cisco provides a matrix explaining how users can get software updates to guard against possible attack. A US-CERT advisory gives a more concise overview of the problem which security notification firm Secunia rates as moderately critical. ®

Related stories

• Cisco to get API-happy (17 December 2007)
• Network security vulns keep sysadmins busy (23 May 2007)
• Cisco squishes bug trio (25 January 2007)
• Big debate over small packets (8 September 2005)
• Cisco security flap leaves millions scrambling for help (3 August 2005)
• Cisco portal password security compromised (3 August 2005)
• Exploit writers team up to target Cisco routers (2 August 2005)
• Cisco details Black Hat vuln fix (1 August 2005)
• Settlement reached in Cisco flaw dispute (29 July 2005)
• Cisco, ISS file suit against rogue researcher (28 July 2005)
• Cisco patches security software (15 July 2005)