Cisco Patches a Dozen Router Bugs
Robert McMillan writes on ComputerWorld:
Cisco Systems has released its twice-yearly set of security patches for its router firmware, fixing 12 security flaws in the products.More here.
Cisco describes the bugs in 11 security advisories, released Wednesday, saying that they affect routers and switches that use the Cisco Unified Communications Manager, as well as a variety of services in the devices' underlying Cisco IOS operating system.
"Exploits of the individual vulnerabilities could result in two different impacts, a breach in confidentiality or a denial of service," Cisco said in a note describing the updates, posted to its Web site on Wednesday.
Among the patches is a fix for an IOS bug that could let an attacker bypass access control policies on devices that use the Object Groups for ACL feature, Cisco said. This could give an attacker access to parts of the network that they shouldn't be allowed to reach.