A security vendor is questioning whether the IOS FTP Server vulnerabilities Cisco reported on May 9 may constitute an intentionally planted backdoor, as opposed to a series of programming errors that inadvertently led to a backdoor.
Chris Eng, director of security services at Veracode, is suggesting that possibility given that a remote attacker would need one of the flaws—improper authorization checking in IOS FTP—in order to exploit the second flaw—an IOS reload when transferring files via FTP.
In essence, an attacker can bypass authentication and avoid giving credentials because of the first flaw. The attacker then has to overwrite the critical startup configuration file, then has to cause the router itself to reboot in order to execute the rewritten configuration file.
For full story: