Cisco's assertion that its routers running IOS version 12 can be a viable alternative to firewalls in branch offices, has been further undermined by the exposure of a flaw which may cause input access list filters to 'leak' packets.
A group of related software bugs may cause input access list filters to 'leak' packets in certain NAT configurations, creating a security exposure.
The severity of the impact may vary, depending on the device type, configuration and environment, from sporadic leakage of occasional packets to consistent leakage of significant classes of packets.
Cisco has admitted that the vulnerability may allow hackers to completely circumvent corporate security. In a security notice it admitted: "No particular tools, skills, or knowledge are needed for such opportunistic attacks. The conditions that trigger this vulnerability may be frequent and long lasting."
Cisco routers in the 17xx, 26xx, 36xx and 75xx family running IOSv12 are affected. Software fixes are being created for this vulnerability, but are not yet available for all software versions.
For more stories see 21 April issue of Network News UK
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane