Cisco warns of more router vulnerabilities

Summary:Intrusion-prevention capabilities in IOS can be circumvented by hackers, putting companies at risk of attack

The intrusion-prevention capabilities of Cisco's routers are prone to attack, after the networking giant revealed two vulnerabilities in its key operating system.

The vulnerabilities affect those versions of Cisco's Internetwork Operating System (IOS) that start with "12.3" and "12.4". Almost all Cisco routers run a version of IOS. The flaws allow a hacker to circumvent the IPS protection built into the affected routers and also cause routers to crash.

IPS is an inspection feature found in many networking products, including those from Cisco, which aims to block unauthorised network access and malicious code in real time.

In a security advisory, Cisco said there were two vulnerabilities: a fragmented packet evasion weakness, which could lead to the IPS being circumvented, and an ATOMIC.TCP regular expression denial-of-service vulnerability. Exploitation of the first weakness "may result in an attacker being able to evade detection by an IOS IPS device. This could allow protected systems to be covertly attacked," Cisco warned. A hacker exploiting the second vulnerability "may cause an IOS IPS device to crash".

Cisco urged IT managers who run affected routers to patch the IOS.

Last month, Cisco found two other vulnerabilities in IOS. The first weakness could lead to a denial-of-service attack, while the second one allows hackers to execute malicious code on the device in question. Following news of the vulnerabilities, Cisco made patches available.

Cisco's routers are the most popular enterprise routers in the world. As such, IOS is the network operating system that the majority of hackers tries to exploit.

Topics: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.