In an advisory posted online, Cisco noted that some of the routers running Cisco IOS include a feature called Cisco IOS IPS, which acts as an in-line protection sensor watching packets and sessions as they flow through the router.
If the Cisco IOS IPS devices have been configured by using Cisco IPS MC v2.1—the companys Management Center for IPS sensors—a configuration file could be downloaded that results in signatures being disabled.
The vulnerability has been reported in IOS IPS devices configured by IPS MC v2.1, but those devices not configured by this method are not vulnerable, Cisco has reported.
The patch is available on Ciscos security advisory site.
NetBSD Plugs Highly Critical Security Bypass Flaw
Open source operating system NetBSD has updated its system to address vulnerabilities that impact system access and administrator privilege settings.
Security alert firm Secunia Inc. rates the threat as "highly critical" and notes that the vulnerabilities can be exploited by malicious, local users to gain escalated privileges.
Malice-minded users could also cause a denial-of-service attack or be able to bypass certain security restrictions to compromise a system, Secunia warned.
The flaws spring from a number of areas, including boundary errors in the telnet client, an integer overflow error in the FreeBSD compatibility code, and insecure temporary code creation in the directory.
The vulnerabilities have been fixed in the current version of NetBSD, as well as the NetBSD 1.6 branch.
OpenVPN 2.0 Update Issued
Point-to-point VPN package OpenVPN requires users to download an update to avoid format string and denial of service vulnerabilities.
Rated as "moderately critical" by Secunia, the two flaws can potentially be exploited to compromise a users system.
The format string error can be exploited when a user is tricked into connecting to a malicious VPN server, according to Secunia.
Another error is in the NULL pointer, when the OpenVPN is running in TCP mode. Exploitation of the error could cause the service to crash, as a result of the exception handler dereferencing a NULL pointer.
The vulnerability has been reported in all OpenVPN 2.0 versions, and the OpenVPN project has posted a downloadable update to version 2.0.3, as well as version 2.0.4, on its site.