
Company thinks it's in the hardware business.
It's not.
And those funny little bits of text in text files are quite important.
Cisco has issued a security patch for a flaw in some of its routers that can be exploited by miscreants to potentially rifle through telecommunications networks. Switchzilla says the vulnerable kit – the ASR 9000, a family of high-end gear aimed at carrier and telco edge deployments – can, in certain circumstances, be hijacked …
I dunno.. It's all Chinese to me.. Oh, and Calvados <hic>, a fine tipple!
The fix seems... curious. Been a while since I've been a Cisco wrangler, but looks like un-commenting a couple of lines to define management VRFs.. And if not, then I'm guessing the vulnerabilty could extend to anyone who can reach a router's management interface via IGP, or worse, EGP.