News
Cisco Releases Bundle of Router Security Patches
Cisco has issued 12 sets of security patches for its IOS router operating system
By Robert McMillan, IDG News Service (San Francisco Bureau)
September 25, 2008 — CSO —
Cisco has issued a set of security patches for the Internet Operating System (IOS) software, used to power its routers and switches.
The patches were published Wednesday, the date Cisco had previously set aside as the latest release date for its twice-yearly IOS patches. Cisco also published 12 security advisories describing the bugs, noting that many of these vulnerabilities could be exploited by attackers to crash an IOS device.
One of the bugs, a flaw in the Simple Network Management Protocol (SNMP) could be exploited by an attacker to seize control of the router. However, only specially configured Cisco uBR10012 series devices, used by telecommunications companies to connect broadband customers to the Internet are affected by the flaw, Cisco said.
Symantec rates this flaw critical and on Wednesday advised users of these devices who have configured their routers for linecard redundancy apply the patches as soon as possible.
Cisco is not aware of any attacks or previous public disclosures that were based on this flaw.
Other bugs that were patched affect Cisco's multicast, SSL processing, and Session Initiation Protocol software.
Other stories by Robert McMillan
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
- Make Compliance Regulations an Ally Not an Enemy
- Protecting Sensitive and Confidential Information with Endpoint Security
- Endpoint Security: Compliance at the Endpoint
- Revolutionizing Endpoint Security with a Single Agent
- Data Protection: Challenges for the Traveling User
- View Gartner Video: Best Practices on Web Application Security
- Unlock the Power of Device ID to Combat Online Fraud and Abuse
- Network Security Services: Outsourcing considerations for maximizing network protection
- File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
- Configuration Assessment: Choosing the Right Solution
- IT Service Management: Metrics That Matter
- Effective Security with a Continuous Approach to ISO 27001
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Executive Seminar on Application Security
-
January 29, 2009New York, New YorkRegister now »
-
February 25, 2009San Francisco, CaliforniaRegister now »
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
