Cisco IOS May Allow Unauthorized Access

Cisco IOS May Allow Unauthorized Access
Reported August 24, 1998 by Cisco Systems


  • Cisco IOS software versions 9.1 and later


Cisco Systems has revealed a problem with their IOS software, version 9.1 and later, where unauthorized users may be able to gain access to the router. Reports of sporadic router crashes led Cisco to discovering the problem, which affects many of their routers with model numbers ranging from 1000 and above. This definitely includes the 7000 and 12000 series models. According to their field service bulletin, with knowledge of IOS, an intruder could readily crash a router without having to logon first, and leave no trace in a system log.


Cisco says a patch is available.

Some versions of the 11.X IOS software have been corrected -- according to Cisco, the first regular release, 11.0.21 will contain the fix as well. That version is due in September of 98.

Cisco says software upgrades are available free to all, regardless of contract status. If a change in hardware is required, Cisco will negotiate on a case-by-case basis.

Prudent network administrators can work around the problem by applying appropriate access control lists to all terminal access methods.

To learn more about NT Security concerns, subscribe to NTSD

- Originally reported by Cisco Systems
- Posted on The NT Shop on August 24, 1998
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.