back to article Management bug can crash Cisco IOS, IOS XE

Cisco's been caught out by the venerable Simple Network Management Protocol, turning up nine bugs in IOS and IOS XE that appear in all SNMP versions. Its implementation of SNMP v1, v2c and v3 – in other words, all versions in use – has a buffer overflow condition that in the right conditions can be exploited for denial-of- …

  1. Anonymous Coward
    Anonymous Coward

    Let me fix that for you...

    "In the meantime, sysadmins should be unaffected as the restrictions they have in-place to prevent abuse of SNMP access should limit the potential scope for denial of service attacks to existing monitoring systems. Alternatively, they can disable the vulnerable MIBs."

  2. Sir Runcible Spoon
    WTF?

    Never liked SNMP

    Because you can always bet that someone will open it up to be too permissive and you're left with a massive network with a massive security risk.

    1. Down not across

      Re: Never liked SNMP

      That argument would apply toa ny protocol.

      Personally, I like SNMP. Yes of course it (as any other management or monitoring) should be configured with appropriate ACLs and preferably be in fairly tightly controlled VLAN.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like