Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server
Advisory ID: cisco-sa-20070509-iosftp

For those that have enabled the IOS FTP service on their CISCO devices, you may want to take a look at the advisory from CISCO.  CISCO indicates that there are multiple vulnerabilities in the IOS.  From CISCO Advisory:

"Multiple vulnerabilities exist in the Cisco IOS File Transfer Protocol (FTP) Server feature. These vulnerabilities include Denial of Service, improper verification of user credentials and the ability to read or write any file in the device's filesystem, including the device's saved configuration, which may include passwords or other sensitive information."

See the link above for the complete advisory.


279 Posts
ISC Handler
May 9th 2007

Sign Up for Free or Log In to start participating in the conversation!