[ISN] ISPs rush to fix Cisco flaw

From: InfoSec News (isnat_private)
Date: Thu Jul 17 2003 - 00:45:51 PDT

  • Next message: InfoSec News: "[ISN] Windows & .NET Magazine Security UPDATE--July 16, 2003"

    http://news.com.com/2100-1035_3-1026518.html
    
    By Robert Lemos 
    Staff Writer, CNET News.com
    July 16, 2003
    
    Internet service providers are vulnerable to a flaw in Cisco routers
    that could cause some Web sites and servers to become inaccessible,
    according to a major telecommunications company and network
    administrators familiar with the issue.
    
    While details of the flaw are unclear, it is apparently widespread and
    affects much of the network infrastructure used by the major Internet
    service providers, CNET News.com learned Wednesday. Cisco is a major
    provider of network switches and routers used to direct data across
    the Internet.
    
    Cisco could not immediately comment, but telecommunications provider
    Sprint confirmed that there is a problem.
    
    "Sprint is aware of the issue regarding Cisco," said spokesman Charles
    Fleckenstein, reading from a statement. "Modifications are being
    performed on the Sprint Internet backbone, and customers should have
    no concerns regarding an interruption of service in regards to
    Sprint."
    
    The flaw could be used by an attacker to crash a router, clogging the
    Internet's communications channels, sources said. Due to the
    vulnerability's nature, the router won't appear to be down, said one
    network expert familiar with the flaw. The router would have to be
    restarted or reset to make it operational.
    
    While Fleckenstein couldn't confirm the details of the flaw, he
    stressed that network outages elsewhere on the Internet could affect
    its customers' connections and their ability to reach Web sites.
    
    "While the appropriate measures are being taken to protect the Sprint
    Internet backbone, issues may arise with traffic that is handed off to
    other carriers, if those carriers have not taken the measures that
    Sprint has, to protect their networks," Fleckenstein said.
    
    Sprint expected to have its network hardware updated by Thursday
    morning.
    
    Other ISPs, including Level 3 and AT&T, did not immediately comment on
    the issue. However, messages posted on a network administrators'
    mailing list indicated that those companies were also upgrading their
    networks.
    
    Bruce Schneier, a noted security expert and chief technology officer
    for network monitoring service provider Counterpane Internet Security,
    wasn't ready to ring the alarm bell, however.
    
    "Could it be a problem? Of course, it could be a problem, but so could
    the other 30 vulnerabilities that have been announced this week," he
    said.
    
    While it's difficult to gauge how critical the glitch is, he added,
    any issue with the Internet backbone--the large communications
    channels that connect different areas of the Net--should be taken
    seriously.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Jul 17 2003 - 04:11:44 PDT