Cisco rolls out controller fix

By Shaun Nichols on Jul 29, 2009 2:52 PM
Filed under Technology

Company issues patch for security flaws.

Cisco has released a security update to address a flaw in its line of wireless LAN controllers.

The company on Tuesday issued security fixes to address a number of flaws with impacts ranging from denial-of-service to complete control of the device by an attacker.

Cisco said that the vulnerabilities mainly centered around the handling of HTTP and HTTPS commands, as well as a flaw concerning the handling of SSH requests. Attackers can target the flaws by sending malformed code or specially crafted commands, causing a denial of service and possibly giving the attacker network access.

Among the products said to be vulnerable to one or more of the attacks are Cisco's 1500, 2000, 2100, 4100, 4200 and 4400 Wireless Service Modules as well as the company's Integrated Service Routers and 3750G wireless LAN controllers.

The company is advising administrators to upgrade the vulnerable devices to the latest software versions or implement company-recommended workarounds.

Cisco's fix is the latest in what could be a very busy week for some administrators. Earlier this week Microsoft issued a pair of out of cycle patches to address a pair of vulnerabilities which have been actively targeted in malware attacks.

 
Follow us on Facebook and Twitter
 

Copyright ©v3.co.uk

Cisco rolls out controller fix
 
 
 
 
 
Top Stories
Deals done: 10 top acquisitions of 2014
Who bought who, and for how much?
 
Office 365: high and lows of 2014
How did Microsoft's cloud strategy perform?
 
10 things we learned this week
Seasons greetings and "Yo Gabba Gabba!" from CRN.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Who had more wins in 2014?

Latest Comments
CRN Magazine

Issue: 334 | December 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.