After 24 hours of fun we are back online!
The main circuit which supports the web site, mail and a handful of other services went down yesterday for 90 minutes. After it came back up there were continual errors on the line that interferred with maintining established TCP connections -- ICMP/UDP seemed to still work ok. Some work on one end of a lengthy coax cable run seemed to turn the trick and get things back up. So "We're back!"
Keywords:
0 comment(s)
Cisco content switch SSL vulnerability
Cisco announced a vulnerability in the 11500 and 11501 content switches with the optional SSL module.
http://www.cisco.com/warp/public/707/cisco-sn-20050908-css.shtml
The scope appears to be limited. You must be using certificate authentication and the CSS must be the SSL server. In the affected cases if ssl fails to renegotiate a session at the appropriate time it may be possible to bypass authentication. Those using SSL are strongly encouraged to upgrade as soon as possible.
http://www.cisco.com/warp/public/707/cisco-sn-20050908-css.shtml
The scope appears to be limited. You must be using certificate authentication and the CSS must be the SSL server. In the affected cases if ssl fails to renegotiate a session at the appropriate time it may be possible to bypass authentication. Those using SSL are strongly encouraged to upgrade as soon as possible.
Keywords:
0 comment(s)
Major Cisco IOS Vulnerability Announced
Cisco announced today there is a buffer overflow in the Firewall Authentication Proxy of Cisco IOS that can be used for a denial of service attack. Cisco's advisory is here.
The affected versions of Cisco IOS are 12.2ZH, 12.2ZL, 12.3, 12.3T, 12.4, and 12.4T (all versions). The vulnerability will not affect devices that are not configured for Firewall Authentication Proxy for FTP or Telnet Sessions. There is a rather large table of remediation options that is included with Cisco's advisory. FrSIRT and Symantec have this listed as a high risk alert. Either turn off the authentication proxy or patch your devices as soon as possible.
The affected versions of Cisco IOS are 12.2ZH, 12.2ZL, 12.3, 12.3T, 12.4, and 12.4T (all versions). The vulnerability will not affect devices that are not configured for Firewall Authentication Proxy for FTP or Telnet Sessions. There is a rather large table of remediation options that is included with Cisco's advisory. FrSIRT and Symantec have this listed as a high risk alert. Either turn off the authentication proxy or patch your devices as soon as possible.
Keywords:
0 comment(s)
×
Diary Archives
Comments