April Is the Cruelest Month: Cisco’s IOS Security Woes | CertCities.com

CertCities.com -- The Ultimate Site for Certified IT Professionals

Microsoft®

Cisco®

Security

Oracle®

A+/Network+"

Linux/Unix

More Certs

Newsletters

Salary Surveys

Forums

News

Exam Reviews

Tips

Columns

Features

PopQuiz

RSS Feeds

Press Releases

Contributors

About Us

Advanced Search

Free Newsletter

Sign-up for the #1 Weekly IT
Certification News
and Advice.

See What's New on
Redmondmag.com!

• Cover Story: IE8: Behind the 8 Ball

• Tech-Ed: Let's (Third) Party!

• A Secure Leap into the Cloud

• Windows Mobile's New Moves

• SQL Speed Secrets

Let us know what you
think! E-mail us at:

Home

Editorial

News

News Story

Tuesday: December 28, 2010

PRINTABLE FORMAT

E-MAIL STORY

POST YOUR COMMENTS

MORE NEWS

April Is the Cruelest Month: Cisco’s IOS Security Woes

4/18/2005 -- Cisco Systems Inc. last week confirmed that its IOS-powered routers and switches were vulnerable to ICMP denial-of-service attacks.

Cisco’s warning, disseminated by means of the familiar security bulletin warning system, was the company’s third such advisory in the space of a week. The new ICMP vulnerability affects all IOS versions, but it particularly impacts IOS-powered devices that have the Path Maximum Transmission Unit Discovery enabled.

In addition to the usual suspects—Cisco’s routers and Catalyst series switches—other affected products include Cisco’s Aironet WLAN access points and bridges, the next-gen CRS-1, and Cisco’s PIX Security Appliance.

Cisco acquired Airespace—a leading provider of wireless networking solutions for enterprise customers—earlier this year. And CRS-1, which shipped last year, boasts an entirely new (next-gen) version of IOS.

It hasn’t been a good fortnight for IOS. Almost two weeks ago, Cisco admitted that attackers could exploit vulnerabilities in certain versions of IOS to gain unauthorized access to network resources. Similarly, Cisco issued another security advisory—on the same day, even—which copped to another DoS vulnerability in certain versions of IOS. As usual, Cisco released software fixes for both issues, and also published workarounds. -Stephen Swoyer

There are 2 user Comments for “April Is the Cruelest Month: Cisco’s IOS Security Woes”
Page 1 of 1
4/18/05: Anonymous says:	Airespace was acquired early this year, not Aironet.
4/25/05: Dan Hong from Irvine, CA says:	CORRECTION: The original story incorrectly stated that Cisco acquired Aironet. The company Cisco acquired is Airespace. The story is corrected above. CertCities/TCPMag.com apologizes for this error.

Your comment about: “April Is the Cruelest Month: Cisco’s IOS Security Woes”
Name:	(optional)
Location:	(optional)
E-mail Address:	(optional)
Comment:

-- advertisement (story continued below) --

top

Search | Site Map | Redmond Media Group | TechMentor Conferences | Tech Library Webcasts
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. CiscoÃ† and Cisco SystemsÃ† are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. OracleÃ† is a registered trademark of Oracle Corp. A+Ã†, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.

Reprints allowed with written permission from the publisher. For more information, e-mail