Cisco warns of more router vulnerabilities

Intrusion prevention capabilities in IOS can be circumvented by hackers, putting companies at risk of attack.
Written by Richard Thurston, Contributor
The intrusion prevention capabilities of Cisco Systems' routers could be prone to attack, after the networking giant revealed two vulnerabilities in its key operating system.

The vulnerabilities affect those versions of Cisco's Internetwork Operating System (IOS) that start with "12.3" and "12.4". Almost all Cisco routers run a version of IOS. The flaws allow a hacker to circumvent the IPS protection built into the affected routers and also cause routers to crash.

IPS is an inspection feature found in many networking products, including those from Cisco, that aims to block unauthorized network access and malicious code in real time.

In a security advisory, Cisco said there were two vulnerabilities: one that could lead to the IPS being circumvented, and the other that could cause a denial-of-service condition. Exploitation of the first weakness "may result in an attacker being able to evade detection by an IOS IPS device. This could allow protected systems to be covertly attacked," Cisco warned. A hacker exploiting the second vulnerability "may cause an IOS IPS device to crash."

Cisco urged IT managers who run affected routers to patch the IOS.

Last month, Cisco found two other vulnerabilities in IOS. The first weakness could lead to a denial-of-service attack, while the second one allows hackers to execute malicious code on the device in question. Following news of the vulnerabilities, Cisco made patches available.

Cisco's routers are the most popular enterprise routers in the world. As such, IOS is the network operating system that many hackers try to exploit.

Richard Thurston of ZDNet UK reported from London.

Editorial standards