You are here

Cisco announces flaw in in two of its management tools

Submitted by Karthik on 8 April, 2004 - 10:55

Computer Weekly reports that Cisco have announced yet another flaw in their software.. This follows a bunch of vulnerabilities detected last month in their router and switch IOS software.

A default user name and password combination were written, or "hard coded", into the software which runs on both devices and cannot be disabled. A malicious user who had the password would have complete control of the affected device, which could be used as a platform for further attacks, Cisco warned.

This must be the millionth "preset username and password" flaw reported in a networking device; albeit this time it's hard-coded :S Patches are available..