Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
May
S M T W T F S
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31
Sponsored Links
Latest Postings
Topic Options
Rate This Topic
#39291 - 04/16/04 04:47 AM Cisco Warns of Wi-Fi Vulnerability
Joined: Apr 2004
Posts: 298
Phatal Offline
UGN News Staff
Phatal Offline
UGN News Staff

Joined: Apr 2004
Posts: 298
Houston, TX
Cisco has issued a security warning for two products used to manage wireless local area network (LAN) and e-business services in data centres.
The company said that a username and password coded into all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software could give attackers complete control of the devices.

The warning states: "A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround."

CiscoWorks WLSE provides centralised management for the Cisco wireless LAN infrastructure. It unifies the other components in the solution and actively employs them to provide continual 'Air/RF' monitoring, network security and optimisation.

It also assists network managers by automating and simplifying mass configuration deployment, fault monitoring and alerting.

HSE monitors and activates a variety of e-business services in Cisco-powered data centres.

The warning adds: "Any user who logs in using this username has complete control of the device. One can add new users or modify details of the existing users, and change the device's configuration."

The company cautioned that this could result in system-wide outages, long-term loss of information confidentiality and integrity, and yield denial of service.

Cisco said it was unaware of any attacks that use the hard-coded login information, but has advised customers to install the appropriate software patch.

You can view the original article here...
http://www.newsfactor.com/story.xhtml?story_title=C...y=netsecurity#story-start

Top
Sponsored Links
#39292 - 04/16/04 05:14 AM Re: Cisco Warns of Wi-Fi Vulnerability
Joined: Apr 2004
Posts: 298
Phatal Offline
UGN News Staff
Phatal Offline
UGN News Staff

Joined: Apr 2004
Posts: 298
Houston, TX
CERT ID
VU#659228

just in case you were wondering

Top
#39293 - 04/16/04 09:07 AM Re: Cisco Warns of Wi-Fi Vulnerability
Joined: Oct 2002
Posts: 616
weeve Offline
UGN Super Poster
weeve Offline
UGN Super Poster

Joined: Oct 2002
Posts: 616
The Beach
heh far worse then owning ciscos via httpd or default password login? Maybe...just maybe...


"Beware the Jabberwock, my son!
The jaws that bite, the claws that catch!
Beware the Jubjub bird, and shun
The frumious Bandersnatch!"
Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,194
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics45,748
Posts80,916
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 38,912
Gremelin 7,194
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 1 guest and 1 spider.
Latest News