http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=216200419 By Kelly Jackson Higgins DarkReading March 24, 2009 The dirty little secret about patching routers is that many enterprises don't bother for fear of the fallout any changes to their Cisco router software could have on the rest of the infrastructure. But the recent discovery of a way to easily hack the devices has turned upside down conventional wisdom that patching routers is more of a risk than an actual attack on these devices. Researcher Felix "FX" Lindner's research earlier this year demonstrated that multiple versions of routers can be attacked -- specifically, Cisco's PowerPC routers -- shooting down the assumption that hacking routers requires separate exploits for each type of router. Enterprises traditionally have been content to avoid patching their Cisco routers because the chances of a major breach was less likely than the possibility of an unintentional outage from a router update. "The underlying problem is that you cannot patch IOS -- you always need to update the entire image. And with this comes all kinds of compatibility issues with your configuration, hardware, and setup," says Lindner, a researcher with Recurity Labs. Lindner demonstrated with his research that all an attacker needs is basic knowledge about the targeted device, rather than specifics of the IOS configuration. His exploit method applies to stack-buffer overflows, and he was able to execute memory writes and to disable CPU caches on Cisco routers running on the PowerPC CPU. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Wed Mar 25 2009 - 00:16:22 PDT
This archive was generated by hypermail 2.2.0 : Wed Mar 25 2009 - 00:31:56 PDT