McAfee Raises Attention About Cisco Flaws

McAfee AVERT, the research division of anti-virus vendor Network Associates, Thursday unveiled a comprehensive system and network protection against 10 Cisco Systems vulnerabilities attacked by a new hacking toolkit.

April 3, 2004

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

McAfee AVERT, the research division of anti-virus vendor Network Associates, Thursday unveiled a comprehensive system and network protection against 10 Cisco Systems vulnerabilities attacked by a new hacking toolkit.

The attack toolkit, named "CISCO Global Exploiter," has been made available across the Internet, and allows anyone to launch attacks exploiting weaknesses against any vulnerable Cisco OIS devices.

According to Vincent Gullato, vice president of McAfee AVERT, the Cisco vulnerabilities present hackers with a range of options, from causing denial-of-service attacks to bypassing authentication and executing malicious code on the device.

"When you're operating in an environment that has no integrity with regard to criminal activity, it's difficult to really grasp and believe a majority of what you hear and read," Gullato said. "With the information we can give, we hope it will provide [enterprise customers and resellers] with better protection."

Toward that aim, McAfee AVERT experts recommended users look into the following product vulnerabilities:

  • Cisco 677/678 Telnet Buffer Overflow Vulnerability

  • Cisco OIS Router Denial of Service Vulnerability

  • Cisco OIS HTTP Authentication Vulnerability

  • Cisco OIS HTTP Configuration Arbitrary Administrative Access Vulnerability

  • Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability

  • Cisco 675 Web Administration Denial of Service Vulnerability

  • Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability

  • Cisco IOS Software HTTP Request Denial of Service Vulnerability

  • Cisco 514 UDP Flood Denial of Service Vulnerability

  • CiscoSecure ACS Vulnerability

Cisco was not immediately available for comment.

Article appears courtesy of CRN.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Integrating the new APs into Dartmouth’s existing network infrastructure was no small feat. Mist’s AI-driven insights made this easier.
Network Management
How Dartmouth College Leveraged AI To Modernize Its Network in One Weekend
How Dartmouth College Leveraged AI To Modernize Its Network in One Weekend

Sep 12, 2024

Extensive communications outages from Hurricane Helene drive home the need for new approaches to strengthen network resiliency.
Network Resilience
Hurricane Helene Communications Outages Show Need for Greater Network Resilience
Hurricane Helene Outages Show Need for Greater Network Resilience

Oct 3, 2024

Satellite services could bridge the digital divide in remote areas through partnerships like the SoftBank-Intelsat collaboration announced last month.
Network Infrastructure
Intelsat, SoftBank Plan Ubiquitous Satellite Connectivity Network
Intelsat, SoftBank Plan Ubiquitous Satellite Connectivity Network

Oct 9, 2024

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events