All the latest UK technology news, reviews and analysis

Cisco patches Clean Access flaws

by Shaun Nichols

More from this author

08 Jan 2007

Be the first to comment

  • Tweet this
Cisco Systems
Users can remove both Cisco vulnerabilities by upgrading their Clean Access software

Cisco Systems has acknowledged a pair of vulnerabilities in its Clean Access networking software that could allow for unauthorised access and viewing of database files. 

Users can remove the vulnerabilities by upgrading their software or by installing a patch, said the company.

Clean Access is a pair of software applications that allows servers to scan any systems that attempt to access a network for required patches and software.

The vulnerabilities effect Shared Secret, a log-on authentication component, and Readable Snapshots, a system for manually backing up databases.

An attacker exploiting the Shared Secret vulnerability could take administrative control over the Clean Access System and have the ability to change settings and preferences, said Cisco.

The Readable Snapshots component could be vulnerable to a 'brute force' attack, according to Cisco.

An attacker who guesses or otherwise finds out the name of the Readable Snapshot file could download and view it without any further authentication.

Security firm Secunia lists both vulnerabilities as 'moderately critical', which ranks third on the company's five-alert scale. 

Users can remove both of the vulnerabilities by upgrading their Clean Access software, said Cisco. Versions 3.4.6.2, 4.0.4, 4.1.0 and later all contain a fix for the vulnerability.

The company has also made a patch available for users who do not want to upgrade.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

A Cisco logo on a building

Cisco asks EU to rethink approval for Microsoft's Skype buy

HP's Meg Whitman

HP plans to double R&D spend across all divisions

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Software Development Manager

Software Development Manager - London, 12 Month Contract...

PROCUREMENT AND COMMERCIAL MANAGER

PROCUREMENT AND COMMERCIAL MANAGER BERKSHIRE...

Field Service Engineer Crawley

Hardware Engineer / Field Service Support Analyst £16...

Infrastructure / Implementation Support Windows

Infrastructure / Implementation Support Engineer (Windows...

To send to more than one email address, simply separate each address with a comma.