In association with heise online

26 March 2009, 10:03

Cisco patches several vulnerabilities in IOS

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco has published the details of several vulnerabilities in its IOS network operating system. For example, the processing of prepared packets through WebVPN, SSLVPN, SIP and Mobile IP services could allow a remote attacker to a restart or crash a system causing a denial of service condition. A problem in the Secure Copy (SCP) implementation could provide users with access to the IOS command-line interface (CLI). The configuration of the device could then be manipulated or allow access to stored passwords – even if the CLI user rights don't permit it.

Updates for Cisco's IOS have been provided to resolve the issues. An overview of the vulnerabilities is available in the original security advisory provided by Cisco.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit