Datamation Logo

Malicious Cisco Code Circulating

Home Security
Ryan Naraine
By Ryan Naraine
March 30, 2004
Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

The release of a hacking toolkit to exploit security holes in
several Cisco products has sent the networking giant scrambling to announce patches and
workarounds.

The San Jose, Calif., company confirmed malicious hackers were circulating
code that could be used to run denial-of-service attacks
against multiple products in an advisory.

“Customers should take steps to ensure that they have addressed each of
these either via a software upgrade or workarounds in place as appropriate
in order to mitigate any risk from this new exploit code,” Cisco warned.

The “Cisco Global Exploiter” exploit code was released to underground
hacking Web sites over the weekend and could be used to attack nine Cisco
vulnerabilities. The hacking toolkit, which was seen by
internetnews.com, includes very specific references to the targeted
Cisco security holes.

While most are denial-of-service vulnerabilities, one
flaw in the Cisco Broadband Operating System (CBOS) could lead to buffer
overflows and router takeovers.

Vulnerabilities that could be targeted by the exploit code include the
Cisco IOS Router DoS flaw; Cisco IOS HTTP Auth Vulnerability; Cisco IOS HTTP
Configuration Arbitrary Administrative Access Vulnerability; Cisco Catalyst
SSH Protocol Mismatch DoS Vulnerability; Cisco Catalyst SSH Protocol
Mismatch Vulnerability; and the Cisco 675 Web Administration Denial of
Service Vulnerability.

The company also warned hackers could unleash the infamous “Code Red” worm with the toolkit. Cisco’s advisory contained specific
patches and workaround that have previously been available.

It is not the first time that an active exploit targeting a known
vulnerability in Cisco routers and switches has been released on the
Internet.

Last July, a “fully functioning exploit tool” was released on
the Full Disclosure security mailing list. The
company started receiving reports of Cisco routers under attack immediately after the tool appeared.

  SEE ALL
ARTICLES  
Previous Article
Malicious Cisco Code Circulating
Next Article
March Virus Madness Strains IT Managers

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

AI

AI in Cybersecurity: The Comprehensive Guide to Modern Security

AI in Cybersecurity: The Comprehensive Guide to Modern Security
Security

What Is Cybersecurity? Definitions, Practices, Threats

What Is Cybersecurity? Definitions, Practices, Threats
Security

How to Secure a Network: 9 Key Actions to Secure Your Data

How to Secure a Network: 9 Key Actions to Secure Your Data
Datamation Logo

Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.

Advertisers

Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.

Advertise with Us

Our Brands

Technologyadvice ServerWatch TechRepublic Enterprise Networking Planet eWeek Project Management eSecurity Planet IT Business Edge
Privacy Policy Terms & Conditions About Contact Advertise California - Do Not Sell My Information

Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.