Cisco Warns of Flaw in Routers
Cisco Systems Inc. today issued an alert warning of a serious security flaw in many of its Internet routers, pricey devices that direct a large portion of the world's Web and e-mail traffic. Cisco said attackers could use the flaw to seize control over vulnerable routers.
I don't see this advisory mentioned anywhere else on the Web at the moment. Cisco's write-up indicates that the available workaround and/or patch depends on what version of the product an organization is using. Cisco says the problem resides in routers configured to use its "firewall authentication proxy" feature, which lets network administrators specify rules about what types of traffic should be allowed through the firewall on a per-user basis.
Russ Cooper, senior information security analyst at Cybertrust, said that flaw will mostly affect universities and smaller ISPs that provide dial-up Internet services.
"There's probably some routers out there configured to do this, but I'd be surprised if they were on business networks," Cooper said.
I'll file an update when I learn more about the seriousness of the threat posed by this flaw. Symantec Corp. just elevated its ThreatCon a notch from 1 to 2 because of this vulnerability.
By
Brian Krebs
|
September 7, 2005; 2:53 PM ET
Categories:
Latest Warnings
Save & Share:
Previous: Cisco Warns of Flaw in Routers
Next: Cisco Warns of Flaw in Routers
Posted by: A.. L. B. | September 8, 2005 11:58 AM | Report abuse
AIB - What browser are you using? Can you drop me a line with info on how to contact you?
Tx
Posted by: Brian Krebs | September 8, 2005 12:29 PM | Report abuse
The comments to this entry are closed.
Your page loads incorrectly, with the result that the section that belongs at the bottom of the page lands in the upper middle, overlaying the article, rendering reading it extremely difficlut.