Cisco warns of flaws in ACS product
Results 1 to 4 of 4

Thread: Cisco warns of flaws in ACS product

  1. #1

    Cisco warns of flaws in ACS product

    Networking equipment maker Cisco Systems Inc. is warning customers about security holes in two products that provide user authentication and authorization services for network devices such as firewalls and routers.,95514,00.html

  2. #2
    Senior Member
    Join Date
    Oct 2001
    Anybody have a POF?
    ...This Space For Rent.


  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    Ahhhhhhhh crap. Now I have to go and test this out. I use the ACS product to perform authentication and authorization in my EAP-FAST deployment.

    Thanks for the heads up. I know exactly what I'll be doing on Monday morning.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Senior Member
    Join Date
    Dec 2003
    Pacific Northwest
    Good luck for those that have a lot of work to do in the near future.

    Interestingly, the article doesnt state that the flaws could work simultaneously or in harmony, only that the ACS devices stops responding to new TCP requests during the DoS, and that in other instances by spoofing the network address, you can access the interface. I yield to the knowledge of the wiser ones, but it is conceivable that they could be combined as we have seen in other attacks.

    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts