Malicious Cisco Code Circulating
Page 1 of 1
The release of a hacking toolkit to exploit security holes in
products has sent the networking giant scrambling to announce patches and
The San Jose, Calif., company confirmed malicious hackers were circulating code that could be used to run denial-of-service attacks against multiple products in an advisory.
"Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code," Cisco warned.
The "Cisco Global Exploiter" exploit code was released to underground hacking Web sites over the weekend and could be used to attack nine Cisco vulnerabilities. The hacking toolkit, which was seen by internetnews.com, includes very specific references to the targeted Cisco security holes.
While most are denial-of-service
Vulnerabilities that could be targeted by the exploit code include the Cisco IOS Router DoS flaw; Cisco IOS HTTP Auth Vulnerability; Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability; Cisco Catalyst SSH Protocol Mismatch DoS Vulnerability; Cisco Catalyst SSH Protocol Mismatch Vulnerability; and the Cisco 675 Web Administration Denial of Service Vulnerability.
The company also warned hackers could unleash the infamous "Code Red" worm with the toolkit. Cisco's advisory contained specific patches and workaround that have previously been available.
It is not the first time that an active exploit targeting a known vulnerability in Cisco routers and switches has been released on the Internet.
Last July, a "fully functioning exploit tool" was released on the Full Disclosure security mailing list. The company started receiving reports of Cisco routers under attack immediately after the tool appeared.