x
Optical/IP

Cisco Discloses IOS XR Flaw

Cisco Systems Inc. (Nasdaq: CSCO) issued three security advisories today, including one allowing the possible takeover of an IOS XR router.

IOS XR is the operating system for the CRS-1 and XR 12000 lines of routers. It's a modular operating system, as is JunOS from Juniper Networks Inc. (NYSE: JNPR), as opposed to the non-modular IOS that runs on most of Cisco's routers. (See Cisco Unveils the HFR and Cisco's CRS-1 Gets Edgy.)

The "Crafted IP Option Vulnerability," as Cisco calls it, can be used to start a denial of service (DOS) attack on a router, possibly leaving it open for "arbitrary code execution," as Cisco's advisory puts it.

The Crafted IP Option Vulnerability advisory can be found here.

This appears to be the first time Cisco has found a DOS loophole specific to IOS XR. But it isn't the first vulnerability discovered in IOS XR.

An alert in April noted several IOS XR flaws related to MPLS, although it didn't indicate that the problems could be exploited to create a DOS attack. A few alerts related to DOS attacks on IOS, such as one having to do with the Internet Control Message Protocol (ICMP), have the potential to affect IOS XR as well.

Cisco's two other advisories today relate to plain old IOS.

One is a TCP vulnerability that can be exploited in a DOS attack; that one appears to affect all IOS release 12.0 versions. An IPv6 header vulnerability, where a specially crafted header can crash a router, affects only certain 12.0 versions. Cisco has issued a free fix for both IOS vulnerabilities.

Craig Matsumoto, West Coast Editor, Light Reading

Honestly 12/5/2012 | 3:15:55 PM
re: Cisco Discloses IOS XR Flaw No review, but how about reality. IOS XR and IOS lose to Junos in the core for good reasons, some of which are more obvious today. Where is the CRS in the Core?
Thanks Craig, good story.
gotman 12/5/2012 | 3:15:55 PM
re: Cisco Discloses IOS XR Flaw Isn't the title misleading? This flaw was not for IOS-XR only, IOS as well.
Pete Baldwin 12/5/2012 | 3:15:55 PM
re: Cisco Discloses IOS XR Flaw Anyone out there gotten hands-on experience working with XR? Care to give us a capsule review?
everythingip 12/5/2012 | 3:15:54 PM
re: Cisco Discloses IOS XR Flaw as a user that has experience with IOS, IOS-XR and JunOS all of them have bugs, Cisco just discloses them
jepovic 12/5/2012 | 3:15:54 PM
re: Cisco Discloses IOS XR Flaw From what I hear, our main concern with Cisco isn't CSR-1 software, but GSR software. The quality of the GSR software has gotten significantly worse since the release of CSR. Even really "old" releases (fifth generation) have had serious flaws.

It seems as Cisco put the few bright engineers the have left on CSR, leaving GSR with scrap. This is a huge problem, since there is probably 100 times more GSRs out there. Also, there is probably VERY few CSRs with customer connections, which makes them a bit easier to protect than GSRs.
brahmos 12/5/2012 | 3:15:52 PM
re: Cisco Discloses IOS XR Flaw has cisco finished consolidating all its routers
on 12.2S release train ?
prs6str 12/5/2012 | 3:15:51 PM
re: Cisco Discloses IOS XR Flaw You have to be kidding me? Good story? The title is misleading to create undue interest and the key thing that could have been explored wasn't. Cisco spent a ton of money to build this new IOS-XR. To resolve this security issue, could users patch the code while the box was running, or not? How did this new software architecture help Cisco address the issue? If anyone thinks Cisco was promising bug free code with IOS-XR, then you are not the sharpest. The question is if IOS-XR allowed it's customers a more graceful recovery from inevitable issues like this. That's the story...did Cisco deliver? I'm actually too lazy to investigate that, but I would have hoped lightreading would have done more homework.

Now if you want to go the scandalous approach to increase readership, you compare that to the JunOS approach to addressing security patches for both disclosure and patching (too lazy here too). We are already tired of hearing how IOS handles it.
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE