Cisco warns of more critical software holes

Cisco Systems Inc. warned its customers about two critical security holes that affect almost every product the company makes. The vulnerabilities could be used by malicious hackers to create so-called "denial of service" (DoS) attacks, causing Cisco products to abruptly restart or drop active connections with other devices. Cisco issued advisories on Tuesday, revealing the impact on the company's products of a security hole in the Transmission Control Protocol (TCP) and another serious vulnerability in company's Internetwork Operating System (IOS) that affects the Simple Network Management Protocol (SNMP). The advisories are just the latest in a string of security warnings from the San Jose, California, networking equipment maker.

Following warnings yesterday from the U.K.'s National Infrastructure Security Co-Ordination Centre (NISCC) and the US Computer Emergency Readiness Team (US-CERT), Cisco issued two advisories regarding a security vulnerability in the standard implementation of TCP.

Cisco is just one of a large number of software and hardware makers that are affected by the TCP hole.

Read Full Story