Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Major Cisco IOS Vulnerability Announced - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Major Cisco IOS Vulnerability Announced
Cisco announced today there is a buffer overflow in the Firewall Authentication Proxy of Cisco IOS that can be used for a denial of service attack.  Cisco's advisory is here.

The affected versions of Cisco IOS are 12.2ZH, 12.2ZL, 12.3, 12.3T, 12.4, and 12.4T (all versions).  The vulnerability will not affect devices that are not configured for Firewall Authentication Proxy for FTP or Telnet Sessions.  There is a rather large table of remediation options that is included with Cisco's advisory.  FrSIRT and Symantec have this listed as a high risk alert.  Either turn off the authentication proxy or patch your devices as soon as possible.

262 Posts
ISC Handler
Sep 8th 2005

Sign Up for Free or Log In to start participating in the conversation!