hype-free: Flaws in the Cisco PIX appliances

Sunday, June 15, 2008

Flaws in the Cisco PIX appliances

Via NetworkWorld (emphasis added):

Crafted TCP ACK Packet Vulnerability

Crafted TLS Packet Vulnerability

Instant Messenger Inspection Vulnerability

Vulnerability Scan Denial of Service

Control-plane Access Control List Vulnerability

The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL). Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another.

I don't know what I'm scared of more: the fact that these types of vulnerabilities exists in devices which should enforce some basic separation between networks or the fact that they have a feature called Instant Messenger Inspection?

0 comments:

Post a Comment

You can use some HTML tags, such as <b>, <i>, <a>. Comments are moderated, so there will be a delay until the comment appears. However if you comment, I follow.

Using the embedded comment form requires JavaScript to be turned on for the blogger.com domain. However, you can still comment using the traditional method.