Cisco Finds Two Vulnerabilities and Recommends Patches
Cisco Systems has discovered two more flaws in its series of networking programs. These are in its PIX 500 range of security appliances, its 5500 range of adaptive security appliances and its firewall services module.
Hackers could exploit the different flaws to crash a networking appliance and evade security solutions. They could use a related flaw to corrupt access control lists, allowing malicious traffic to enter the corporate network. The firm has created and issued patches for the vulnerabilities in both the firewall services module and the appliances.
Some days earlier, the company reported two flaws affecting a protection feature of the software that runs its widely deployed switches and routers. According to a company advisory, the more serious of the two vulnerabilities in IOS (Internetwork Operating System) may allow bad traffic to pass as IP packets through its IPS (Intrusion Prevention System) component and get past signature detection.
The networking giant has issued a fix for both flaws, which affect the IPS security feature of the software. IPS is inactive by default and must be activated manually.
The firm explained that attackers could crash its vulnerable devices with such traffic, thereby disabling the equipment. Cyber crooks could launch attacks remotely, even without gaining authentication privileges or administrative access to the flawed devices.
According to the firm, users can mitigate these attacks by adopting certain safeguards. These are changing the configuration, using IPS signatures, and disabling inspection of malformed packets. It also recommends disabling SIP traffic inspection on an ASA or PIX, or disabling a device's SNMP services when they are not necessary.
The vulnerability tracking firm Secunia has rated the vulnerabilities as "moderately critical", i.e., not severe.
The company has asked administrators to patch all the vulnerabilities, with a warning that they first check that the affected hardware has sufficient memory to receive the updates. In January, Cisco fixed three other bugs affecting its router operating system program. Of the three bugs, two enabled attackers to execute their own code on a hijacked router.
SPAMfighter News - 26-02-2007