Cisco IOS Critical Advisory: Router Buffer Overflow Threat Exploit

Cisco alerted its customers Wednesday about a serious security flaw in many of its Internet routers, which serve as key intersections in channeling Web and e-mail traffic from point to point. Cisco Systems Inc., based in San Jose, Calif., warned that attackers could use the flaw to seize control over specified vulnerable routers—not most routers currently in use.

As of late Wednesday afternoon, none of Cisco's customers had come forward to say their systems were compromised. "At this point, we do not know of any active exploitation of this vulnerability," Cisco spokesman John Noh told eWEEK.com.

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of the IOS (Internetwork Operating System) "is vulnerable to a remotely exploitable buffer overflow condition," the company said in its online summary of the problem.

Devices running non-enterprise-level versions of Cisco IOS are the most vulnerable, the company said.

The link for this article located at eWeek is no longer available.