Three security updates from Cisco
Cisco has published three security advisories, along with updates, describing vulnerabilities in its products. The most critical vulnerability is in the special versions of the IOS network device operating system, as used in products in the Cisco IAD2400 series, 1900 series mobile wireless edge routers und Cisco VG224 analogue phone gateways. The SNMP community string for read and write access is hard-coded into these versions of IOS. If SNMP is activated, an attacker who knows the character string ("cable-docsis") can gain access to the device to read data or reconfigure the device. Exactly which products are affected is listed in the manufacturer's report.
In addition, Cisco has reported two flaws in its intrusion detection system (IDS) and intrusion prevention system (IPS), through which it is possible to evade the analysis of fragmented packets such that attacks are no longer recognised. In addition, web administration can be crashed using prepared SSLv2 Client Hello packets, such that it is subsequently no longer possible to access it via SSH or the console. Cisco IDS 4.1(x), Cisco IPS 5.0(x) and IPS 5.1(x) are affected. Finally Cisco has also fixed a cross-site scripting vulnerability in Cisco Guard.
- DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms, security advisory from Cisco
- Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities, security advisory from Cisco
- Cisco Guard Enables Cross Site Scripting, security advisory from Cisco