Cisco router error beats the network

Cisco Systems has just released an update to block a number of security vulnerabilities that could be exploited to attack denial of service on some of its network device products.

Information from Cisco's security warning message indicates that the corrected security flaws this time arise in an encrypted third-party library used in Cisco IOS, Cisco IOS XR, Cisco PIX, ASA Security Appliances, Cisco Firewall Module and Cisco Unified CallManager.

Johannes Ullrich - Research Specialist of Sans Institute - said the above security flaws could be exploited by hackers to disable a network by attacking denial of service (DoS) directly into the set. network route (router).

" In most DoS attacks, hackers often have to send a huge amount of data over the target's processing power. But in the case of Cisco security flaws, hackers just need to send a large amount of data Very small data may also cause the device to hang completely . "

Not only that these security flaws can be exploited without having a legitimate device login account even though the default Cisco products enable the data encryption library.

Users can access the Cisco security warning message link to download the necessary updates as well as refer to a number of methods to help limit the risk of attack.

Ullrich claims that there has never been any malicious code to attack the Cisco product vulnerabilities.

Hoang Dung