Vulnerabilities with diverse effects in Cisco IPS

Sunday, 24 September 2006

Cisco has confirmed the existence of vulnerabilities in the Cisco
Intrusion Prevention System (IPS) which could allow a remote user to
cause denial of service conditions or evade detection mechanisms.

According to Cisco, at
http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml, the
first flaw is a failure of the mainApp process (for remote access) when
the administration interface processes an SSLv2 Client Hello packet that
has been specially modified by a remote attacker. This would prevent
further administration requests through the Web administration
interface, the command-line interface or the console. The device would
have to be restarted to allow administrative communication again.

Cisco has acknowledged that the following versions are vulnerable:
* Cisco IDS 4.1(x) prior to 4.1(5c)
* Cisco IPS 5.0(x) prior to 5.0(6p1)
* Cisco IPS 5.1(x) prior to 5.1(2)
A second problem could allow a remote attacker to send specially crafted
sequences or fragmented IP packets to evade detection. This problem
affects the following versions:
* Cisco IPS 5.0(x) prior to 5.0(6p2)
* Cisco IPS 5.1(x) prior to 5.1(2)
Cisco has released updated versions 4.1(5c), 5.0(6p2) and 5.1(2).
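
An added example (not from Cisco or the original article) that checks sensor version strings against the fixed releases listed above, one threshold per issue and release train. The sensor names are constructed, and the ordering of suffixed builds (5b before 5c, 6p1 before 6p2, a bare release before any suffixed build) is an assumption about Cisco's version scheme.

```python
import re

# Fixed-version thresholds per release train, taken from the lists above.
FIXED = {
    "dos":     {(4, 1): "4.1(5c)", (5, 0): "5.0(6p1)", (5, 1): "5.1(2)"},
    "evasion": {(5, 0): "5.0(6p2)", (5, 1): "5.1(2)"},
}

_VERSION = re.compile(r"^(\d+)\.(\d+)\((\d+)([a-z]*)(\d*)\)$")


def parse(version):
    """Split e.g. '5.0(6p1)' into ((5, 0), (6, 'p', 1))."""
    m = _VERSION.match(version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, release, letters, num = m.groups()
    # Assumption: a bare release sorts below any suffixed build of it.
    return (int(major), int(minor)), (int(release), letters, int(num or 0))


def affected(version, issue):
    """True/False if the train is listed for this issue, None if not listed."""
    train, build = parse(version)
    fixed = FIXED[issue].get(train)
    if fixed is None:
        return None  # the advisory summary says nothing about this train
    return build < parse(fixed)[1]


def audit(inventory):
    """Map each sensor name to the issues its version is still exposed to."""
    return {name: [issue for issue in FIXED if affected(version, issue)]
            for name, version in inventory.items()}


# Constructed sample inventory (sensor names are hypothetical).
SAMPLE = {
    "sensor-a": "4.1(5b)",
    "sensor-b": "5.0(6p1)",
    "sensor-c": "5.0(6p2)",
    "sensor-d": "5.1(1e)",
    "sensor-e": "5.1(2)",
}

if __name__ == "__main__":
    for name, issues in audit(SAMPLE).items():
        print(name, SAMPLE[name], issues or "at or above the listed fixed release")
```

Version 5.0(6p1) passes the denial-of-service check but still fails the evasion check, so on the 5.0 train only 5.0(6p2) clears both issues.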