Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server
Advisory ID: cisco-sa-20070509-iosftp


www.cisco.com/warp/public/707/cisco-sa-20070509-iosftp.shtml

For those that have enabled the IOS FTP service on their CISCO devices, you may want to take a look at the advisory from CISCO.  CISCO indicates that there are multiple vulnerabilities in the IOS.  From CISCO Advisory:

"Multiple vulnerabilities exist in the Cisco IOS File Transfer Protocol (FTP) Server feature. These vulnerabilities include Denial of Service, improper verification of user credentials and the ability to read or write any file in the device's filesystem, including the device's saved configuration, which may include passwords or other sensitive information."

See the link above for the complete advisory.

Deborah

272 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!