Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Cisco critical vulnerability again

Cisco critical vulnerability again

by Nikola Strahija on November 3rd, 2005 Security experts have found another critical hole in Cisco's Internetwork Operating System (IOS), which runs on Cisco routers.


The French Security Incident Response Team has reported that the new flaw covers the system timers that IOS uses to run some operating system tasks. Attackers can take control of the router by tricking the system timers to run malicious code, Cisco said in a security advisory.

Cisco has published a patch, which it says has not yet been exploited. The bug was discovered 'as a result of continued research to the demonstration of the exploit of another vulnerability which occurred in July 2005 at the Black Hat USA Conference' the company said.

To take over a Cisco router, attackers would need to successfully take advantage of both the earlier IPV6 problem and the system timer bug disclosed today, said John Noh, a Cisco spokesman. -In order to exploit the issue we're talking about today, you needed an additional way to attack, he said.

Should someone find a way of taking over Cisco's widely used routers, that could clear the way for a particularly devastating attack on the Internet.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »