Bad week for Cisco, security headaches



For starters, there was this advisory last week in response to a planned talk at a hacker convention on the possibility of a cisco router ipv6 exploit. The advisory detailed a LOCAL exploit and not the remote exploit that the talk was centered around. There was legal action against the speaker and materials detailing it were destroyed (literally ripped out of notebooks) at the convention by Cisco. Apparently this is the kind of vulnerability that could “shut down the internet”. Of course, much of the internet’s backbone runs on Cisco equipment. Next….



Next, what we see are hackers at a similar convention taking a more serious look at the possibility of a remote exploit against IPv6 in Ciscos equipment detailed in this article. But today may be the icing on the headache for Cisco. They’ve had a web security flaw at their customer portal. Passwords have been reset and the flaw reportedly could reveal logins of registered users in the search tool. It’s also reported that someone “broke in and stole unknown numbers of username and passwords”.

Most links above are courtesy of The Register, the last is from blogs.washingtonpost.com.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Win Security 360 | Win Security 360 Removal Guide Win Security 360 is a rogue antivirus application that is promoted through the use of trojans and other malware as well as sites that claim to do malware scans of your computer. Among the things that it will do is schedule itself to run when the system boots and it......
  • DoS Exploit for MS-053 Incidents.org has the story on an "in the wild" exploit for MS-053 vulnerability. The patch is out, so if you haven't already - go ahead with the patching. The vulnerability is entitled "Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)". The exploit causes 100% cpu utilitzation on visiting......
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
Blog Traffic Exchange Related Websites
  • Gain Access To Public Records Very Easily And Instantly As years go by, doing a background check on a person has become more common and significant. One good reason for this is the growing importance of verifying the identity of a person because not everybody is always sincere. As a matter of fact, you can now easily fake your......
  • Microsoft Warns of SQL Attack SQL stands for Structured Query Language. SQL Attack is kind of Hacking attack. Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software. Microsoft issued a security advisory late Monday, saying that the......
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site