Exploit Of Cisco Flaw Released, But No Outages Reported - InformationWeek




Researchers say hackers have figured out how to use a software flaw in Cisco's networking gear to cripple the equipment, but there were no immediate reports of outages.

SAN JOSE, Calif. (AP) -- A day after Cisco Systems Inc. warned of a serious software flaw in networking gear that routes Internet traffic, researchers said hackers had figured out how to cripple the equipment.

There were no immediate reports of outages, but that was expected to change, the Computer Emergency Response Team, a taxpayer-funded group at Carnegie Mellon University, said Friday in an advisory.

Internet security companies boosted their threat assessment levels.

"This exploit allows an attacker to interrupt the normal operation of a vulnerable device," the CERT advisory said. "We believe it is likely that intruders will begin using this or other exploits to cause service outages."

On Thursday, Internet backbone operators and other companies scrambled to patch the flaw, which could cause widespread outages because Cisco routers and switches are so prevalent on the Internet.

Cisco did not immediately comment on the exploit. The San Jose-based network gear maker released a workaround as well as a free patch to fix the flaw in its widely used Internetworking Operating System.

Internet providers, meanwhile, quickly scheduled maintenance downtime to install the patch.

According to Cisco's alert, the vulnerability is exploited by sending a "rare sequence" of data packets to a device running IOS, the equivalent of Windows for routers and switches. It causes the device to stop processing traffic once its incoming queue is full.

The attack, which spokesman Jim Brady said Cisco discovered through internal testing, does not trigger any alarms and can be repeated until the device is inaccessible.

"This type of attack can be launched at a specific target, or launched indiscriminately to cause widespread outages," according to an alert issued by Internet Security Systems.

An unusually high number of emergency maintenance outages have been scheduled by Internet carriers and providers since Tuesday, said Dan Ingevaldson, engineering manager for ISS's X-Force research development group.

Large Internet traffic carriers, such as AT&T, MCI, and Sprint, have taken measures. Dave Johnson, a spokesman for AT&T, said the company was alerted by Cisco on Tuesday night.

Network administrators who manage Cisco equipment are more likely to pay attention to security warnings than home computer users. Still, applying a patch to a router is not a trivial operation, Ingevaldson said.
