Cisco Gear Vulnerable To Denial-Of-Service, Intrusion Attacks - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Cisco Gear Vulnerable To Denial-Of-Service, Intrusion Attacks

Company reveals two new Internetwork Operating System security holes and posts fixes.

Cisco this week revealed two newly discovered IOS security holes, one of which allows IOS-based Cisco devices to be subject to Denial of Service (DoS) attacks, and the other of which allows intruders unauthorized access to a network.

The vulnerability which allows intruders into a network may allow an attacker to doctor and send special packets, called Internet Key Exchange (IKE) Xauth messages, to a router configured as an Easy VPN Server, and then gain access to a network and its resources. The vulnerability only affects IOS-based devices that are running IOS Easy VPN Server.

The DoS vulnerability affects routers and other IOS devices running Secure Shell (SSH) servers for remote management. Attackers could exploit this hole in a variety of ways, including exploiting a memory leak, and sending commands causing the router to reload. The vulnerability affects IOS-based devices running SSH version 2.

Cisco has released patches that fix the vulnerabilities.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll