Cisco Systems Inc. has issued a set of security patches
Cisco Systems Inc. has issued a set of security patches for the Internet Operating System (IOS) software, used to power its routers and switches.
The patches were published Wednesday, the date Cisco had previously set aside as the latest release date for its twice-yearly IOS patches. Cisco also published 12 security advisories describing the bugs, noting that many of these vulnerabilities could be exploited by attackers to crash an IOS device.
One of the bugs, a flaw in SNMP, could be exploited by an attacker to seize control of the router. However, only specially configured Cisco uBR10012 series devices, used by telecommunications companies to connect broadband customers to the Internet, are affected by the flaw, Cisco said.
Symantec rated this flaw critical and on Wednesday advised users of these devices who have configured their routers for line-card redundancy to apply the patches as soon as possible.
Cisco is not aware of any attacks or previous public disclosures that were based on the flaw.
Other bugs that were patched affect Cisco’s multicast, SSL processing and Session Initiation Protocol software.
Read More at Cisco
