All the latest UK technology news, reviews and analysis


Cisco patches six security flaws that posed DoS cyber attack risk

27 Mar 2014
A Cisco logo

Cisco has plugged six flaws in its Internetwork Operating System (IOS) Software that could theoretically be exploited by hackers to launch cyber attacks on its customers.

Cisco released the fixes in its IOS Software Security Advisory Bundled Publication. The update features five fixes for its IOS Software and a single patch for its Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet uplinks. The advisory said the vulnerabilities are serious as they could be used to mount denial-of-service (DoS) attacks on Cisco customers.

"Exploits of the individual vulnerabilities could result in a DoS condition. Use the Cisco IOS Software Checker to quickly determine if a given Cisco IOS Software release is exposed to Cisco product vulnerabilities," read the advisory.

Although there is no evidence that the vulnerabilities are being exploited, the flaws in Cisco's IOS are very serious. IOS is a widely used network infrastructure: Cisco lists the software as "operating on millions of active systems, ranging from the small home office router to the core systems of the world's largest service provider networks," and claims it "is the most widely leveraged network infrastructure software in the world".

This means a successful DoS attack could cause untold harm to IOS users' systems and customers. DoS attacks are a growing issue facing businesses of all sizes. The attacks work by saturating the victim's machine with external communications requests to the point that they become unresponsive.

The attack strategy has traditionally been used by hacktivists, though other groups have begun experimenting with it. Leaked PRISM documents proved a secret spy unit linked to the UK Government Communications Headquarters (GCHQ) had mounted DoS attacks against the Anonymous collective earlier in February.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 10 poll

What are your first impressions of Windows 10?
14%
3%
10%
4%
23%
4%
42%

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Front-End UI/UX Developer (HTML5, CSS, JavaScript, jQuery, Ang

Front-End UI/UX Developer (HTML5, CSS, JavaScript, jQuery...

C# .NET Developer (ASP.NET, WPF, SQL, Algorithms, Data)

C# .NET Developer (ASP.NET, WPF, SQL, Algorithms, Data...

Strategy Business Analyst - Financial Services - Cheshire

Strategy Business Analyst x2 required for cutting edge...

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office 2010, Windows 7

Service Desk Analyst / Helpdesk Analyst - Legal, MS Office...
To send to more than one email address, simply separate each address with a comma.