[ISN] Cisco IOS security hole surfaces in Web server code
InfoSec News
isn at c4i.org
Fri Dec 2 01:14:22 EST 2005
http://www.networkworld.com/news/2005/113005-cisco-ios.html
By Phil Hochmuth
NetworkWorld.com
11/30/05
Security researchers this week said they discovered a hole in the Web
server code in Cisco's IOS software.
The flaw could allow attackers - armed only with knowledge of the
Cisco device's IP address - to gain administrative control of a Cisco
device or run arbitrary code on the machine, according to claims.
The vulnerability - as reported by the security organizations Secunia
and SecurityFocus - could allow a potential attacker to view a memory
dump (a record of the data in a router's memory) of an IOS router via
the HTTP server and inject script code into the router through the
HTTP server. Attackers could use this method to get
administrator-level access to a Cisco router or switch or run code on
the device.
The vulnerability only affects Cisco routers running IOS HTTP servers,
which are used as an alternative management interface to the
text-based command line for configuring routers. Cisco IOS versions
11.0 and higher are vulnerable, due to the fact that they ship with
the HTTP server software. The HTTP server is not enabled by default in
most IOS versions installed on routers shipped from Cisco, according
to the company's Web site. However resellers, carriers and other
partners could enable the HTTP for management purposes when deploying
the device in customer networks.
Cisco is aware of the claims of the IOS HTTP vulnerability, a company
spokesperson says, and is investigating the issue. An advisory will be
sent to customers if deemed necessary by the company.
More information about the ISN
mailing list