The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Cisco patches three-year-old security bug

2014-10-24 09:57 by
Tags: ,

 

Networking manufacturer Cisco has recently patched a 3-year-old security hole in Telnet that affects a number of its security appliances. The bug (CVE-2011-4862) was initially discovered in 2011 but security researcher Glafkos Charalambous has recently found it in the AsyncOS software in the following appliances: Web Security Appliance, Email Security Appliance and Content Security Management Appliance. The flaw seemed to affect all versions of the software.

Cisco warned customers that devices with enabled Telnet were open to arbitrary code execution.

"A vulnerability in telnet code of Cisco AsyncOS could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system," Cisco wrote in a revised advisory.

"The vulnerability is due to insufficient boundary checks when processing telnet encryption keys. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious requests to a targeted system [and] execute arbitrary code on the system with elevated privileges."

The company not only released the patched version of the AsyncOS, but it also recommended some workarounds for customers:

"For some versions of Cisco AsyncOS Software for Cisco ESA and Cisco SMA, Telnet is configured on the Management port. Telnet services can be disabled to mitigate this vulnerability. Administrators can disable Telnet by using the administration graphical user interface (GUI) or by using the interfaceconfig command in the command-line interface (CLI). As a security best practice, customers should use Secure Shell (SSH) instead of Telnet," the advisory says.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
comment discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About