RSS

Cisco Says VPN Vulnerable

John Stith
Staff Writer
2006-01-31

Insider Reports RSS Feed

Cisco Systems warned on Friday via a security advisory of a vulnerability in its VPN 3000 Series concentrators. They said the vulnerability could allow a hacker to send a crafted HTTP packet that would result in a denial-of-service attack.

For affected customers, Cisco offered up software that should address the problem as well as workaround. Information week said, "The HTTP used for this type of Web-based management interface is activated by default on the VPN 3000 concentrators, but Cisco recommends disabling it to mitigate the vulnerability. With HTTP disabled, the concentrator can be configured to use HTTPS (HyperText Transfer Protocol Secure). HTTPS must be enabled before disabling HTTP.

The affected concentrators include versions 4.7.0 through 4.7.2.A of the equipment's software. As with any other similar issues, the warning goes out to make sure everything is updated with all the latest patches and fixes.

Add to | DiggThis| Yahoo My Web

About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials