ISPs rush to fix Cisco flaw

[InfoSec News <isn () c4i org>]

http://news.com.com/2100-1035_3-1026518.html

By Robert Lemos 
Staff Writer, CNET News.com
July 16, 2003

Internet service providers are vulnerable to a flaw in Cisco routers
that could cause some Web sites and servers to become inaccessible,
according to a major telecommunications company and network
administrators familiar with the issue.

While details of the flaw are unclear, it is apparently widespread and
affects much of the network infrastructure used by the major Internet
service providers, CNET News.com learned Wednesday. Cisco is a major
provider of network switches and routers used to direct data across
the Internet.

Cisco could not immediately comment, but telecommunications provider
Sprint confirmed that there is a problem.

"Sprint is aware of the issue regarding Cisco," said spokesman Charles
Fleckenstein, reading from a statement. "Modifications are being
performed on the Sprint Internet backbone, and customers should have
no concerns regarding an interruption of service in regards to
Sprint."

The flaw could be used by an attacker to crash a router, clogging the
Internet's communications channels, sources said. Due to the
vulnerability's nature, the router won't appear to be down, said one
network expert familiar with the flaw. The router would have to be
restarted or reset to make it operational.

While Fleckenstein couldn't confirm the details of the flaw, he
stressed that network outages elsewhere on the Internet could affect
its customers' connections and their ability to reach Web sites.

"While the appropriate measures are being taken to protect the Sprint
Internet backbone, issues may arise with traffic that is handed off to
other carriers, if those carriers have not taken the measures that
Sprint has, to protect their networks," Fleckenstein said.

Sprint expected to have its network hardware updated by Thursday
morning.

Other ISPs, including Level 3 and AT&T, did not immediately comment on
the issue. However, messages posted on a network administrators'
mailing list indicated that those companies were also upgrading their
networks.

Bruce Schneier, a noted security expert and chief technology officer
for network monitoring service provider Counterpane Internet Security,
wasn't ready to ring the alarm bell, however.

"Could it be a problem? Of course, it could be a problem, but so could
the other 30 vulnerabilities that have been announced this week," he
said.

While it's difficult to gauge how critical the glitch is, he added,
any issue with the Internet backbone--the large communications
channels that connect different areas of the Net--should be taken
seriously.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.