back to article Cisco whispers the three little words to really get an ASR 9000 net admin's blood pumping: Remote unauthenticated access

Cisco has issued a security patch for a flaw in some of its routers that can be exploited by miscreants to potentially rifle through telecommunications networks. Switchzilla says the vulnerable kit – the ASR 9000, a family of high-end gear aimed at carrier and telco edge deployments – can, in certain circumstances, be hijacked …

  1. John Smith 19 Gold badge
    FAIL

    Company thinks it's in the hardware business.

    It's not.

    And those funny little bits of text in text files are quite important.

    1. Jellied Eel Silver badge

      Re: Company thinks it's in the hardware business.

      I dunno.. It's all Chinese to me.. Oh, and Calvados <hic>, a fine tipple!

      The fix seems... curious. Been a while since I've been a Cisco wrangler, but looks like un-commenting a couple of lines to define management VRFs.. And if not, then I'm guessing the vulnerabilty could extend to anyone who can reach a router's management interface via IGP, or worse, EGP.

  2. Anonymous Coward
    Anonymous Coward

    NSA exploits embedded in Cisco kit...

    ... are systemic and widespread.

    1. Korev Silver badge
      Joke

      Re: NSA exploits embedded in Cisco kit...

      Yep, it's my way or the Huawei

    2. FrogsAndChips Silver badge

      Re: NSA exploits embedded in Cisco kit...

      Yep, time to ban this company from our systems and punish any country that doesn't comply with our boycott!

  3. Paul Herber Silver badge

    Be totally secure - stick to the venerable old ASR-33.

    1. Antron Argaiv Silver badge

      But watch out for that answerback drum...

  4. wyatt

    I wonder if any other vendors are suddenly going to have to offer a patch for this as well!?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019