Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Crackers exploit Cisco LAN switch flaw

Crackers exploit Cisco LAN switch flaw

by Nikola Strahija on February 2nd, 2002 Cisco has warned users of a potential denial of service risk involving its popular Catalyst LAN switches. A buffer overflow vulnerability in Telnet option handling can be used to crash the process and force a Catalyst switch to reload.


This operation could be repeated by an attacker to produce a denial of service attack.

Cisco Catalyst switches, series 4000, 5000 and 6000 and also 2948G and 2900 models, running CatOS are affected by the flaw, which Cisco warns has already been exploited. Other Cisco LAN switches and routers are not
vulnerable. There are free software upgrades to affected by the flaw and published a schedule for the availability of fixed releases, which shows fixes will be available by February 4.

The Catalysts switch vulnerability is related to a flaw involving systems running versions of telnetd derived from BSD source, which was discovered in July last year.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »