You are here: silicon.com > Software > Security Strategy

Security Strategy

Cisco admits security blunder

Routers invite the bad guys in...

Printer Friendly Email Story RSS

By Chris Holbrook

Published: 29 June 2001 13:00 BST

Cisco has warned systems administrators that all releases of its IOS software - the primary control program used in its routers - present a security vulnerability to remote intruders.

The problem affects the http server component of a Cisco IOS system when linked to a local authentication database. This can allow malicious users to remotely execute commands on the system at the highest privilege level, effectively controlling the device.

IT staff are being urged to disable the http server on the router or to use Terminal Access Controller Access Control System (TACACS+) or Radius for authentication.

More details and solutions can be found by visiting the security vulnerability discoverers at http://www.cert.org/advisories/CA-2001-14.html

For related news see:
Oracle software flaws pose server attack threat
http://www.silicon.com/a45254
Which? hadn't even approved its own failed site
http://www.silicon.com/a45250
Microsoft patches the hole
http://www.silicon.com/a45153

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Cisco Security Advisory: IOS HTTP Authorization Vulnerability

Cisco warns of VPN flaw

Cisco issues cyber attack alert

Configuring Cisco IOS Easy VPN Client Mode With 802.1x Authentication

Cisco releases router software fix

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…

Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...

First iPhone 2.0 antivirus software released

Has Barclays stamped out fraud with PINsentry?

Courts to save millions with streamlined tech

Soham report IT systems still not in place

RIM warns on BlackBerry PDF flaw

Privacy chief fights UK-wide database


  • Jobs
UNIX / Linux Infrastructure Operations Engineer - Oxfordshire

Experience with Cisco routers and switches, Cisco IOS, Intel-based server hardware, TCP/IP, DNS and other Internet related technologies, such as ...

Spanish Speaking Data Network Engineer- London- Training- Cisco- 37k

K.eden at Huxely.co.uk The candidate must be skilled in Ethernet protocols, router protocols, and large enterprise network system installation and ...

Cisco Network Engineer ISP MPLS, BGP, ISIS - Manchester 30k

Classification/marking/queuing on Cisco IOS (including legacy frfab/tofab cos syntax on older GSR linecards) and JunOS (scheduler maps etc). Major ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

Law firm gets SaaSy with email security

Taylor Woodrow heads for the cloud

College classrooms go high-tech

TechRepublic Resource Guide: How well are you meeting your customers needs?

Customer Perspective: Tata Telecom

eVerge Takes on the Competition With PeopleSoft ESA for Professional Services

Microsoft Dynamics GP Demo

Stories from the web...


Peter Cochrane's Video Blog: For whom the bell tolls

60-Second Pitch: FMC

Peter Cochrane's Video Blog: Power outrage


Health trust abandons NHS care record upgrade

Police to get thousands more mobiles

SAP: Time's up for TomorrowNow

Kent signs £32m outsourcing deal

Sat-navs driving motorists to distraction




Quick Sitemap Links: