Cisco admits IOS flaw, releases patch

Summary:Several months after trying to silence a researcher from discussing the flaw, Cisco has announced a critical failure in recent versions of its Internetwork Operating System, which runs on its routers and other devices.

Several months after trying to silence a researcher from discussing the flaw, Cisco has announced a critical failure in recent versions of its Internetwork Operating System, which runs on its routers and other devices. Specifically, says a report in CIO:

The IOS firewall-authentication proxy for FTP and Telnet sessions featured in specific versions of the IOS software -- 12.2 through 12.4 -- is "vulnerable to a remotely exploitable buffer-overflow condition."

Cisco has released patch software and a list of workarounds at its security advisory.

 


Cisco White Papers

Click here to see more results

Topics: Cisco

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.