Cisco has released reports that a high priority security hole in its IOS software could have allowed hackers access to memory contents, and therefore confidential information, from more than one product in their lineup.
Cisco has pinpointed cause of the vulnerability to “insufficient condition checks in the part of the code that handles [Internet Key Exchange] IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests.”
IKEv1 is used in VPN applications such as LAN-to-LAN VPN, remote access VPN, Dynamic Multipoint VPN, and Group Doman of Interpretation. To address the vulnerability Cisco plans to release software updates and currently there is no workaround available.
The list of Cisco products is as follows:
Cisco IOS XR Software versions 4.3.x through 5.2.x. are affected
Cisco IOS XR Software released 5.3.x and newer are not affected
PIX versions 6.x and prior are affected
PIX versions 7.0 and after are unaffected
Back in August Cisco was alerted to information posted on the internet that had been exploited from firewall products from multiple vendors. The potential for exploitation of Cisco PIX firewalls was considered, and Cisco began an investigation into reports of the “BENIGNCERTAIN” exploit.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.networkworld.com