September 24th, 2008
Cisco mega patch plugs serious IOS vulnerabilities
Today is a very busy patch day for network administrations managing Cisco gear.
The networking giant released a whopping 12 bulletins with fixes for a wide range of security vulnerabilities in IOS, the underlying software that powers routers and network switches.
Some of the flaws could allow a malicious hacker to take complete control of vulnerable devices while others put Cisco customers at risk of denial-of-service attacks.
The most serious issue in this patch batch carries a maximum CVSS base score of 10.0 and affects the Cisco uBR10012 series devices:
Cisco uBR10012 series devices need to communicate with an RF Switch when configured for linecard redundancy. This communication is based on SNMP (Simple Network Management Protocol). When linecard redundancy is enabled on a Cisco uBR10012 series device, SNMP is also automatically enabled with a default community string of private that has read/write privileges. Since there are no access restrictions on this community string, it may be exploited by an attacker to gain complete control of the device. Changing the default community string, adding access restrictions on SNMP or doing both will mitigate this vulnerability. The recommended mitigation is to do both.
Network administrators managing Cisco gear (with IOS) and strongly urged to review all the September 24 patches listed here and prioritize fixes according to severity rating scores. In cases where mitigations are offered, those should be applied where necessary.
Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.
For daily updates on Ryan's activities, follow him on Twitter.
Subscribe to Zero Day via Email alerts or RSS.
