Cisco patches serious flaws in router and conferencing server software
Cisco Systems released patches this week for several vulnerabilities in its IOS software for networking devices and the Cisco and WebEx conferencing servers.
The most serious vulnerability affects the Cisco IOS XR software for the Cisco Network Convergence System (NCS) 6000 Series Routers. It can lead to a denial-of-service condition, leaving affected devices in a nonoperational state.
Unauthenticated, remote attackers can exploit the vulnerability by initiating a number of management connections to an affected device over the Secure Shell (SSH), Secure Copy Protocol (SCP) or Secure FTP (SFTP).