Friday, 25 May 2007
Cisco Patches Security Flaws in Number of Products |
| |
|
| |
Cisco has rolled out a security patch to fix vulnerabilities in many products that are prone to Denial of Service (DoS) attack. The flaws are said to be present in a third-party cryptographic library in Cisco IOS, Cisco IOS XR, Cisco PIX and ASA Security Appliances, Cisco Firewall Module and Cisco Unified CallManager products, the company is quoted to have said.
Johannes Ullrich, chief research officer for the Sans Institute, said that the vulnerability could lead to fraudsters to shut down the network in a DOS attack.
"In most DOS attacks, you just send more traffic than the network can handle. But in this case, the attacker only has to send a few packets," Ullrich said. "That takes up less of their bandwidth and makes it very easy to resend these packets again and again."
|
| |
|
|
| |
|
|
| |
|
|
| |
|
