Live: 300+ Best Black Friday Deals Live: Black Friday TV Deals BF Deals Under $25 BF Deals Under $50 5 BF Splurges 8 BF Must-Haves 15 Weird Amazon BF Deals BF Cheat Sheet
Want CNET to notify you of price drops and the latest stories?
No, thank you

Cisco flaw opens networks to attacks

A router software bug could lead to denial-of-service attacks--but only techies could launch one, an analyst says.

Cisco has warned in a security advisory that some networks with its routers could be vulnerable to denial-of-service attacks.

The problem is in the processing of packets sent to a Cisco router that has been configured for the Open Shortest Path First (OSPF) protocol, the company said in a security advisory released Wednesday. If the router receives a malformed packet, it will take a while to reset. Attackers could flood networks with packets that cause routers to constantly reboot. The flaw is limited to versions 12.0S, 12.2 and 12.3 of Cisco's Internetwork Operating System routing software.

Jon Oltsik, a network security analyst at the Enterprise Strategy Group, said the vulnerable versions and configuration are in common use and that the effects of a successful attack could be devastating to an enterprise.

Our reporters' take on what's
happening in broadband.

"If a hacker puts a certain request to the main router, then it could shut down the whole network," Oltsik said. But he believes that in practice, the vulnerability requires both inside knowledge and Cisco expertise, which should limit the number of attacks. The most likely threat will come from former staff with a grievance, he said.

"It's not like a Microsoft vulnerability that anyone with Internet access can exploit. You need specific knowledge to exploit this. An attack is most likely to come from a rogue employee who knows the configuration of the company's Cisco routers," Oltsik said.

Cisco said Thursday that it's unaware of any exploitations of the vulnerability.

Cisco has provided a patch for the security flaw and has also provided several workarounds for the problem, such as using OSPF authentication as a workaround. It is also recommending that customers update their routers with a free software patch, available by e-mailing its support center at The full Cisco advisory has been posted to its Web site.

Ingrid Marson of ZDNet UK reported from London. CNET's Marguerite Reardon contributed to this report.