Cisco Discloses Serious IOS Flaw
- By Stephen Swoyer
- May 28, 2008
Cisco Systems Inc. last week alerted users to multiple vulnerabilities in the
Secure Shell (SSH) server implementation that ships with version 12.4 of its
Internetwork Operating System (IOS).
In some cases, Cisco warned, a malicious attacker could exploit a flaw in the
IOS SSH implementation to trigger denial of service (DoS) and reload the device.
Elsewhere, Cisco confirmed, attackers can exploit its IOS SSH implementation
to generate spurious memory access errors. If an attacker is able to repeatedly
reboot an IOS device, extended DoS could result, Cisco warned.
Cisco lists the IOS SSH daemon (SSHd) as an "optional" service, but its use
is nonetheless highly recommended, because SSH facilitates secure command-line
connectivity to IOS devices. Not all IOS devices are affected. According to
Cisco, certain devices powered by IOS version 12.4 (and running SSH) may be
affected. Versions of IOS prior to IOS 12.4 (including all 10.x and 11.x releases),
as well as Cisco IOS XR are not affected, according to Cisco.
Cisco has published a software update and recommends any of several workarounds for
customers that don't wish to update their software. The first and most obvious
workaround, according to Cisco representatives, is to disable the IOS SSHd.
Users can also configure VTY access classes to allow only trusted hosts to establish
SSH connections. Elsewhere, Cisco said, users can configure infrastructure Access
Control Lists (iACL), a recommended security best practice, to restrict network
traffic from targeting infrastructure devices.
In addition, Cisco said, customers can tap TELNET as an insecure alternative.
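The two ACL-based workarounds above (a VTY access class and an infrastructure ACL) look like the following on an IOS device. This is an added illustration, not configuration taken from the article or from Cisco's advisory; the ACL names MGMT-HOSTS and INFRA-ACL, the interface name, and the addresses (192.0.2.0/24 as the management subnet and 198.51.100.0/24 as the infrastructure block, both RFC 5737 documentation ranges) are assumptions chosen for the example.

```cisco
! --- Workaround 1: VTY access class ---
! Assumed management subnet; only these hosts may open a VTY (SSH) session.
ip access-list standard MGMT-HOSTS
 permit 192.0.2.0 0.0.0.255
 deny   any log
!
line vty 0 4
 access-class MGMT-HOSTS in
 transport input ssh
 exec-timeout 10 0
!
! --- Workaround 2: infrastructure ACL (iACL) ---
! Assumed infrastructure block 198.51.100.0/24. Allow SSH to it only from the
! management subnet, drop everything else aimed at infrastructure addresses,
! and leave transit traffic untouched.
ip access-list extended INFRA-ACL
 permit tcp 192.0.2.0 0.0.0.255 198.51.100.0 0.0.0.255 eq 22
 deny   ip any 198.51.100.0 0.0.0.255 log
 permit ip any any
!
! Assumed edge interface facing untrusted networks.
interface GigabitEthernet0/0
 ip access-group INFRA-ACL in
```

The access class protects only the device it is configured on, whereas the iACL applied at the network edge shields every device in the infrastructure block, which is why Cisco lists the iACL as a general best practice rather than a fix specific to this flaw. The `log` keywords on the deny entries give operators a record of connection attempts that were refused, which is useful for spotting scanning or exploitation attempts against the SSH service.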
According to Cisco, the SSHd flaws were discovered internally or as a result
of customer service requests. As a result, Cisco said it does not know of any
malicious activity associated with the SSHd flaws.
Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.