All the latest UK technology news, reviews and analysis

Cisco warns of new security risks

by Shaun Nichols

More from this author

05 Sep 2008

Be the first to comment

  • Tweet this
Cisco Systems
Cisco has released a pair of new security advisories

Cisco Systems is warning enterprise users of several recently discovered and patched security flaws.

The first exists in the company's Access Control Server (ACS). If exploited, the vulnerability could allow an attacker to crash the server, leading to a denial-of-service attack.

Further reading

The flaw is believed to exist in all current versions of ACS for Windows and Cisco Secure ACS Solution Engine.

The company has issued a patch and is advising network administrators to apply the update.

Cisco said that the vulnerability exists in the handling of Remote Access Dial-In User Service (Radius) communications.

An attacker could exploit the vulnerability by way of a specially-crafted Radius authentication data packet sent to the server.

The company noted that, in order for the exploit to be carried out, the attacker must know the IP address of the target server as well as the Radius Shared Secret.

Discovery of the issue was credited to researchers Laurent Butti and Gabriel Campana.

Cisco also warned of six flaws in its ASA 5500 adaptive security and Pix security appliances.

The vulnerabilities include five denial-of-service flaws and one which could lead to information disclosure.

The company is advising its users to apply the latest updates for both appliances in order to protect against attack.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Networks

Person operating a mobile phone and laptop

Cisco predicts mobile internet traffic to hit 130 exabytes by 2016

Related white papers

Related articles

Related jobs

Today's top stories

A Cisco logo on a building

Cisco asks EU to rethink approval for Microsoft's Skype buy

meg-whitman-hp-ceo-global-partner-conference1

HP plans to double R&D spend across all divisions

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Middleware Specialist - Connect Direct

A global consultancy is looking for a technical IT infrastructure...

External Technical Engineer, Rochdale

External Technical Engineer, Rochdale This Lancashire...

Contract Solaris Administrator - Sweden

Contract: L3 Solaris Administrator - Stockholm, Sweden...

C#/ VB.NET Senior Developer / Team Leader - Manchster to £45K

C# or VB.NET Senior Developer / Team Leader x 2- Manchester...

To send to more than one email address, simply separate each address with a comma.