The Network Security. Org

Cisco Warns Of Vulnerability In VPN Device

Cisco Systems on Friday released a security advisory about its VPN 3000 Series concentrators, which have a vulnerability that could allow a malicious user to send a crafted HTTP packet that could result in a denial-of-service attack.

Cisco has made free software available to address the vulnerability for affected customers, and has provided workarounds. The HTTP used for this type of Web-based management interface is activated by default on the VPN 3000 concentrators, but Cisco recommends disabling it to mitigate the vulnerability. With HTTP disabled, the concentrator can be configured to use HTTPS (HyperText Transfer Protocol Secure). HTTPS must be enabled before disabling HTTP. CRN | Cisco Systems, Networking Hardware | Cisco Warns Of Vulnerability In VPN Device

More News

• NetWitness releases free version of security software
  



• Three Reasons Why Users Won’t Buy Into Security
  



• Automated security testing & its limitations
  



• How to Use Network Behavior Analysis Tools
  



• The insider security threat in IT and financial services
  



• Top 10 Network Security Threats
  



• Big leap in malicious Web sites
  



• Network security makes a quantum leap
  



• Microsoft Preps 11 Security Bulletins for Patch Tuesday
  



• Practical Defense in Depth
  



• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say