Home / Cisco patches system flaws

Cisco patches system flaws

Networking giant Cisco has fixed flaws in the software that runs the majority of the firm's routers and switches.

Networking giant Cisco has fixed flaws in the software that runs the majority of the firm's routers and switches.

The vendor's advisory said the vulnerabilities affect the IOS (Internetworking Operating System) FTP server feature and, if exploited, could give remote attackers the ability to bypass authentication, access passwords from device file systems and launch malicious code attacks.

"Unauthorised users could retrieve the device's startup-config file from the filesystem," Cisco said. "This file may contain information that could allow the attacker to gain escalated privileges."

The IOS FTP Server bug is triggered when files are being transferred through the device by FTP, which could give attackers a means of launching denial-of-service attacks.

However, the impact of the vulnerabilities is mitigated somewhat as the feature isn't enabled by default, Cisco said.

Cisco has released a fix that disables the IOS FTP server feature.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.