Blog

Review of Cisco equipment’s last vulnerabilities

IP Protection

Intellectual Property of Equelli's client is the thing that we guard against any invasions.

Everything that we receive from a client, including source code, graphic design, ideas, business-related information is kept at the highest level of protection.

Membership

Latest blog posts

Equelli opens new development center in Tomsk
2009.12.13 23:30
Asterisk Manager Interface
2009.11.25 21:50
A Step Ahead with Innovative Fuzzy Search from Itteco & Equelli
2009.06.29 04:55
Equelli has started software product development
2009.03.29 23:39
Software development services at $15 per hour
2009.03.23 23:15

Meetings all over the globe

Equelli professionals can meet you face2face in your office, please contact us for more information.

During the meeting our analyst will gather your specific requirements, will communicate with Omsk-based team to make a quote very quickly, and will negotiate all terms of a project with you, finishing by signing a contract.

Equelli also provides service of supplying staff for on-site work on deployment and maintenance of the products and systems Equelli has developed for you.

Vadim Rakov

Review of Cisco equipment’s last vulnerabilities

2009.02.11

Review of Cisco equipment’s last vulnerabilities

It’s not a secret that Cisco is the leader in the market of effective network solutions. This fact imposes huge responsibility on the company. Enormous efforts are being made to provide safety of offered solutions, but nevertheless.......

We have written the short review of the last vulnerabilities which are detected in Cisco equipment. It describes periodicity of their revealing and levels of their threat.

There were found out 4 major vulnerabilities since March 2008.

First of them was detected in March, it allows remote intruder to implement a DoS attack to a target system. That vulnerability exists because of the error in checking of input data while packages are in processing. Hacker can transfer specially generated packages that will lead to a failure of system service. Exploitation of vulnerability demands that equipment should be configured on support of Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN) and Open Shortest Path First (OSPF) sham-link.

This vulnerability extends to the following types of equipment: Cisco 7600 Series 12.x, Cisco Catalyst 6500 Series 12.x, Cisco IOS 12.x, Cisco IOS R12.x

Next one was detected in May of the same year. This vulnerability allows remote intruder to implement a DoS attack to a target system. It exists because of the error in SSH Server implementation. Hacker can generate fake access to memory or reboot equipment.

This vulnerability extends to the following types of equipment: Cisco IOS 12.x, Cisco IOS R12.x

Vulnerability which is detected in July, 2008, allows remote intruder to implement a free (random) code on a target system. It exists because of the error in checking of input data in FTP Server. Hacker can transfer specially generated data that will lead to execution of any code.

This vulnerability extends to the following types of equipment: Cisco IOS 12.3(18)

The last vulnerability was revealed in 2009. It allows remote intruder to implement a DoS attack to a target system. It exists because of the error in Cisco VLAN Trunking Protocol implementation. Hacker can transfer specially generated VTP packages that will lead to a failure of system service.

This vulnerability extends to all types of Cisco equipment.

And some words about the newest vulnerabilities in 2009, which are with low levels of threat.

They allow remote intruder to implement a XSS attack.

1. The first vulnerability exists because of the insufficient input data processing in the "ping" command in Cisco IOS HTTP server. Remote hacker can, by means of specially generated request, execute free script code in victim’s browser in the context of vulnerable site security.

2. The second vulnerability exists because of the insufficient input data processing in some parameters in Cisco IOS HTTP server. Remote hacker can, by means of specially generated request, execute free script code in victim’s browser in the context of vulnerable site security.

There is another one vulnerability which allows hacker to implement a DoS attack.

It exists because of unknown error while TCP packages are in processing. Remote intruder can send specially generated TCP data stream to a control card and set it to nil. Successful exploitation of vulnerability allows hacker to damage synchronous data channels on all platforms, except Cisco ONS 15600, and to temporary block control functional.

This vulnerability extends to the following types of equipment: Cisco ONS 15310-CL Series, Cisco ONS 15327 Series, Cisco ONS 15454 MSPP, Cisco ONS 15454 MSTP, and Cisco ONS 15600 Series

The review resulted above testifies to small periodicity of revealing vulnerabilities. However, it should be noted, that level of threat is pretty high in each case.

Considering the fact that the Cisco equipment is being used in the business field on 99%, any trouble such as a work failure or a data loss may lead to really bad consequences.

Digg this

Slashdot It!

Delicious

Blog about joomla | IDOBlog - blog for joomla 1.5

Testimonials

Read all

Equelli’s team demonstrated a very pro-active and outgoing approach and delivered on time what was agreed upon. I can without hesitation recommend them for any kind of IT contracts.

Marek Kuchta, enterpreneur at TBA

Equelli is a solid, dependable firm with accountability and integrity. They are organized and well-educated in their respective specialty fields, able to translate instructions into accomplishment. Their managers team is a cornerstone of reliability. It has been a pleasure to work with them, and have them be there when the extra communication was necessary. We have made great results happen, and I am grateful for that.

Alexander De Ridder, Senior Consultant at Squadding Expert Group

Igor manages an outstanding team of experts and our time spent with his team has been fruitful and valuable to our company's long-term vision. He is a pleasure to work with.

Scott Werndorfer, CEO of Cerulean Studios, developer of Trillian IM.

Igor gets the work done, cares about his team and his clients, and communicates candidly about all issues. Software development that stands the test of time takes discipline and good leadership. I can see Igor is responsible for all of these at his company, and I'll gladly help him reach a wider audience so he can enjoy the success that a person of his character deserves. Moreover, it will help everyone who chooses to work with him, and all the end users of the software that's created.

CEO of software development company.

Our company has been working in the sphere of informational and technical maintenance since 2004. At some definite moment we realized that our own resources were not enough any more. So we started to look for partners. Equelli has been chosen almost at once, and in our judgment this is our best choice.

Y. Rodionov, Owner & CEO of Security of Technology and Business, Ltd.

Equelli has allowed us to augment our development team in ways that would be otherwise impossible without a tremendous financial investment. They have allowed us to work on new, revenue-generating projects that lie outside of our regular development cycle while allowing our in-house development team to stay focused on their current projects.

Michael Nguyen, Director of Technical Operations, Spam Arrest, LLC

Contact us

Contact the top experts in the industry.

President and CEO greeting

"Welcome, our dear client, I believe you will be completely satisfied with Equelli services and we will become your long-term partner in the area of software development."

Sincerely, Igor Polyakov

Media

How to find a reliable vendor for software development outsourcing? _(2008.11.16)

and

Outsourcing vendor: a company vs a freelancer _(2008.11.23)

Pressroom

E-mail: