Friday, October 22, 2021

Malicious Cisco Code Circulating

The release of a hacking toolkit to exploit security holes in
several Cisco products has sent the networking giant scrambling to announce patches and
workarounds.

The San Jose, Calif., company confirmed malicious hackers were circulating
code that could be used to run denial-of-service attacks
against multiple products in an advisory.

“Customers should take steps to ensure that they have addressed each of
these either via a software upgrade or workarounds in place as appropriate
in order to mitigate any risk from this new exploit code,” Cisco warned.

The “Cisco Global Exploiter” exploit code was released to underground
hacking Web sites over the weekend and could be used to attack nine Cisco
vulnerabilities. The hacking toolkit, which was seen by
internetnews.com, includes very specific references to the targeted
Cisco security holes.

While most are denial-of-service vulnerabilities, one
flaw in the Cisco Broadband Operating System (CBOS) could lead to buffer
overflows and router takeovers.

Vulnerabilities that could be targeted by the exploit code include the
Cisco IOS Router DoS flaw; Cisco IOS HTTP Auth Vulnerability; Cisco IOS HTTP
Configuration Arbitrary Administrative Access Vulnerability; Cisco Catalyst
SSH Protocol Mismatch DoS Vulnerability; Cisco Catalyst SSH Protocol
Mismatch Vulnerability; and the Cisco 675 Web Administration Denial of
Service Vulnerability.

The company also warned hackers could unleash the infamous “Code Red” worm with the toolkit. Cisco’s advisory contained specific
patches and workaround that have previously been available.

It is not the first time that an active exploit targeting a known
vulnerability in Cisco routers and switches has been released on the
Internet
.

Last July, a “fully functioning exploit tool” was released on
the Full Disclosure security mailing list. The
company started receiving reports of Cisco routers under attack immediately after the tool appeared.

Similar articles

Latest Articles