X

Trio of Cisco flaws may threaten networks

Holes in software that controls Cisco's routers and switches could let miscreants cripple computer networks, including the Internet.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
See full bio
Joris Evers
2 min read
Three security holes in the software that runs Cisco Systems' routers and switches could let miscreants disrupt computer networks, including the Internet.

The vulnerabilities lie in Cisco's Internetwork Operating System and could be exploited to crash or remotely run malicious code on devices that run the software, the San Jose, Calif., networking giant warned Wednesday in security advisories. IOS runs on Cisco's routers and switches, which make up a large portion of the Internet's infrastructure.

Cisco's warning prompted the U.S. Computer Emergency Readiness Team, or US-CERT, to issue an alert. "A remote attacker may be able to execute arbitrary code on an affected device, cause an affected device to reload the operating system, or cause other types of denial of service," US-CERT said on it Web site.

Being able to execute arbitrary code means that an attacker could change the configuration of a router or switch, redirecting traffic or potentially sniffing the data that travels through a Cisco device. In a denial-of-service attack a vulnerable router or switch would be taken offline, disrupting any traffic it is tasked to channel.

"Because devices running IOS may transmit traffic for a number of other networks, the secondary impacts of a denial of service may be severe," US-CERT said.

The impact of each of the three vulnerabilities is different. The most serious of the problems, which relates to how IOS handles specific data packets, affects a broad range of Cisco devices. This includes routers and switches used by telecommunications companies that use Cisco's gear to shuttle data traffic across networks.

"These are serious issues and patches need to be applied as soon as possible," said Gunter Ollmann, director of security strategy for IBM Internet Security Systems. "From our monitoring of underground channels there are a lot of people interested in these and actively working on exploits."

Cisco has software updates available to address the vulnerabilities, the company said in each of its alerts. "Cisco is also not aware of any current exploitation of these vulnerabilities," the company added.

Will Sturgeon of Silicon.com in London contributed to this story.