Computer security was increased not one iota by the release of an attack script aimed at Cisco networking devices by a group of Italian teenagers. Cisco has warned users of the threat and provided code upgrades and mitigation suggestions for the vulnerabilities. Administrators who haven't yet deployed all the fixes on their devices could be hit by a rash of assaults.
The proof-of-concept code consists of a Perl script that allows the user to select an attack from a handy menu of nine choices. The attacks exploit known vulnerabilities in Cisco products, including devices running the Internetwork Operating System (IOS), routers, PIX firewalls and Catalyst switches. Helpful comments in the script explain that different sections exploit denial of service vulnerabilities, authorization problems and execution of arbitrary code. When run, the script prints useful messages, like, "Vulnerability successful [sic] exploited. Target server is down."
A preface to the script announces that, "The BlackAngels staff refuse all responsabilities [sic] for an incorrect or illegal use of this software or for eventual damages to others systems." However, it's difficult to imagine any other use for the attack script. The BlackAngels describe themselves as a group of Italian teenage boys, "expert in the network security field and programming." Their generosity in making this attack script generally available was matched by the French group K-OtiK, which published the attack script on its Web site.
Cisco has already provided fixes for all the problems that the attack script exploits, except for one denial of service issue in the Cisco 675 that can be mitigated.