Sign up for the Security newsletter

Cisco admits security blunder

Routers invite the bad guys in...

By Chris Holbrook on 29 June 2001 13:00

NEWS Cisco has warned systems administrators that all releases of its IOS software - the primary control program used in its routers - present a security vulnerability to remote intruders. The problem affects the http server component of a Cisco IOS system when linked to a local authentication database. This can allow malicious users to remotely execute commands on the system at the highest privilege level, effectively controlling the device. IT staff are being urged to disable the http server on the router or to use Terminal Access Controller Access Control System (TACACS+) or Radius for authentication. More details and solutions can be found by visiting the security vulnerability discoverers at http://www.cert.org/advisories/CA-2001-14.html For related news see:
Oracle software flaws pose server attack threat
http://www.silicon.com/a45254
Which? hadn't even approved its own failed site
http://www.silicon.com/a45250
Microsoft patches the hole
http://www.silicon.com/a45153

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your silicon.com account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ

Get silicon.com's daily newsletter

  • Register on silicon.com

    Enter your email to register

Keep in touch with silicon.com

silicon.com newsletters