Cisco warns over serious authentication bug
Who goes there?
Cisco has warned of a vulnerability in its IOS Firewall Authentication Proxy which might be used by hackers to launch denial of service attacks against vulnerable systems. The vulnerability stems from a software bug in processing user authentication credentials which might be exploited to cause a buffer overflow.
Successful attacks can cause an affected device to reload and might even allow arbitrary code execution provided a vulnerable Authentication Proxy is configured to handle either FTP or Telnet Sessions. Devices that do not support, or are not configured for Firewall Authentication Proxy for either FTP or Telnet Services are not affected.
The vulnerability applies to various versions of Cisco IOS 12.x. An advisory from Cisco provides a matrix explaining how users can get software updates to guard against possible attack. A US-CERT advisory gives a more concise overview of the problem which security notification firm Secunia rates as moderately critical. ®