Cisco admits IOS flaw, releases patch

Several months after trying to silence a researcher from discussing the flaw, Cisco has announced a critical failure in recent versions of its Internetwork Operating System, which runs on its routers and other devices.

Several months after trying to silence a researcher from discussing the flaw, Cisco has announced a critical failure in recent versions of its Internetwork Operating System, which runs on its routers and other devices. Specifically, says a report in CIO:

The IOS firewall-authentication proxy for FTP and Telnet sessions featured in specific versions of the IOS software -- 12.2 through 12.4 -- is "vulnerable to a remotely exploitable buffer-overflow condition."

Cisco has released patch software and a list of workarounds at its security advisory.

 


Cisco White Papers

Click here to see more results