Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Cisco glitch could allow hackers into Windows servers

  • 28-04-2003 12:21pm
    #1
    tom-thebox
    Closed Accounts Posts: 1,414 ✭✭✭


    pasted from http://www.silicon.com/news/500021-500011/1/3898.html


    Cisco glitch could allow hackers into Windows servers
    Here's what happens and what to do...



    A potentially critical vulnerability has been found in Cisco Systems' Secure Access Control Server for Windows servers, which is used to control devices such as routers in large networks.


    The buffer overflow glitch may allow an attacker to seize control of the Cisco service when it's running on Windows, according to Cisco. The Unix variant is not affected. Exploitation of the flaw could result in a malicious hacker gaining full control of a target company's security infrastructure, leaving it completely exposed.


    "Exploitation of this vulnerability results in a denial of service and can potentially result in system administrator access. Cisco is providing repaired software, and customers are recommended to install patches or upgrade at their earliest opportunity," Cisco said in an advisory released Wednesday. The advisory contains patches for fixing the bug.


    The ACS system is used to control routers, firewalls, virtual private networks, voice over IP systems and wireless networks, as well as to provide access policies to users.


    An exploit for the vulnerability is not known to be circulating, and ACS servers are usually deployed on network segments with limited physical access.


    The flaw was found by researchers at NSFocus Information Technology. The China-based company released an advisory of its own on Thursday.


    Administrators of ACS systems block TCP port 2002 until they can deploy Cisco's fix.


    Patrick Gray writes for ZDNet Australia.


Comments

Advertisement