Jul
28
2009
Multiple Vulnerabilities in Cisco Wireless LAN Controllers

Multiple vulnerabilities exist in the Cisco Wireless LAN Controller (WLC) platforms. This security advisory outlines the details of the following vulnerabilities: Malformed HTTP or HTTPS authentication response denial of service vulnerability SSH connections denial of service vulnerability Crafted HTTP or HTTPS request denial of service vulnerability Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability

Jul
22
2009
CoPP?! What is that?

Cisco Network Foundation Protection (NFP) is an umbrella strategy encompassing Cisco IOS Security features that provides the tools, technologies, and services that enable organizations to secure their network foundations. NFP helps to establish a methodical approach to protecting router planes, forming the foundation for continuous service delivery. The router is typically segmented into three planes of operation, each with a clearly identified objective: the data plane allows the ability to forward data packets the control plane allows the ability to route data correctly the management plane allows the ability to manage network elements. The vast majority of packets handled by […]

Jul
20
2009
Vulnerabilities in Unified Contact Center Express Administration Pages

Reported to Cisco by National Australia Bank’s Security Assurance team, on July 15, 2009 the PSIRT has published a new security advisory concerning to vulnerabilities in Unified Contact Center Express Administration Pages. Cisco Unified Contact Center Express (Cisco Unified CCX) server contains both a directory traversal vulnerability and a script injection vulnerability in the administration pages of the Customer Response Solutions (CRS) and Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR) products. Exploitation of these vulnerabilities could result in a denial of service condition, information disclosure, or a privilege escalation attack.

Jul
2
2009
Cisco introduces four new certifications!

Yesterday, I have received the newsletter from learning@cisco that announce the release of four new certifications. “In response to the growing demand for IT professionals who can design, manage, and maintain converged technologies across global network infrastructures, Cisco announced the release of four new certifications at the Cisco Live! show, held this week in San Francisco, CA. Cisco Certified Architect, CCNP Wireless, and two new Cisco Datacenter Unified Computing Specialists reinforce Cisco’s commitment developing state of the art, technology driven, role based certifications that meet the demands of today’s network professional.”

Jul
1
2009
OSPF Virtual Link

The Open Shortest Path First (OSPF) protocol, defined in RFC 2328, is an Interior Gateway Protocol used to distribute routing information within a single Autonomous System. The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford vector based algorithms used in traditional Internet routing protocols such as RIP. OSPF has introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, and so forth. An OSPF network can be divided into sub-domains called areas. An area is a logical collection of OSPF networks, routers, and links that have the same […]

Jun
25
2009
Jun.24, 2009: 2 new Cisco critical vulnerabilities

On June 24, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 2 new vulnerability advisories. 1) Cisco Physical Access Gateway Denial of Service Vulnerability A denial of service (DoS) vulnerability exists in the Cisco Physical Access Gateway. There are no workarounds available to mitigate the vulnerability. This vulnerability has been corrected in Cisco Physical Access Gateway software version 1.1. Cisco has released free software updates that address this vulnerability. Vulnerable Products Cisco Physical Access Gateway running software versions prior to 1.1 are vulnerable.

Jun
22
2009
Have you never seen a Cisco crash?

It is not common see a Cisco crash: Software forced crash, Bus Error, Software watchdog timeout, and so on… But if you would do it, there is a pretty trick :) : it’s the “test crash” command, an hidden IOS command. This can help you if you are lucky enough to have the real crash exactly like one of those you can test with “test crash” command.

Jun
9
2009
Cisco Developer Contest: the ten finalists

Do you remember Cisco Developer Contest started on October 14, 2008? During this period, nearly 900 registrants from 75 countries have take part to the challange, but only 10 finalist teams are enjoying with the second (last) phase. Now, during the second phase of the contest, started from May 15, 2009, until August 15, 2009, the top-10 finalists will work with Cisco to bring the applications to maturity using Cisco resources on Cisco virtual AXP blades. After a final judging period, a winner will be announced in October 2009. These finalists come from four different continents: North America: Team Cupertino Systems, […]

May
25
2009
CiscoWorks TFTP Directory Traversal Vulnerability

CiscoWorks Common Services contains a vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. Vulnerable Products Products that have TFTP services enabled and that run CiscoWorks Common Services versions 3.0.x, 3.1.x, and 3.2.x are vulnerable. Only CiscoWorks Common Services systems running on Microsoft Windows operating systems are affected.

May
19
2009
BGP best path selection

The Border Gateway Protocol (BGP) is an interautonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP). BGP is a very robust and scalable routing protocol, as evidenced […]

Pages:«1...15161718192021...27»