Your browser does not seem to support CSS. If images appear below, please disregard them.
Topic Options
Rate This Topic
#39291 - 04/16/04 04:47 AM Cisco Warns of Wi-Fi Vulnerability
Joined: Apr 2004
Posts: 298
Phatal Offline
UGN News Staff
Phatal Offline
UGN News Staff

Joined: Apr 2004
Posts: 298
Houston, TX
Cisco has issued a security warning for two products used to manage wireless local area network (LAN) and e-business services in data centres.
The company said that a username and password coded into all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software could give attackers complete control of the devices.

The warning states: "A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround."

CiscoWorks WLSE provides centralised management for the Cisco wireless LAN infrastructure. It unifies the other components in the solution and actively employs them to provide continual 'Air/RF' monitoring, network security and optimisation.

It also assists network managers by automating and simplifying mass configuration deployment, fault monitoring and alerting.

HSE monitors and activates a variety of e-business services in Cisco-powered data centres.

The warning adds: "Any user who logs in using this username has complete control of the device. One can add new users or modify details of the existing users, and change the device's configuration."

The company cautioned that this could result in system-wide outages, long-term loss of information confidentiality and integrity, and yield denial of service.

Cisco said it was unaware of any attacks that use the hard-coded login information, but has advised customers to install the appropriate software patch.

You can view the original article here...
http://www.newsfactor.com/story.xhtml?story_title=C...y=netsecurity#story-start

Top
Sponsored Links
#39292 - 04/16/04 05:14 AM Re: Cisco Warns of Wi-Fi Vulnerability
Joined: Apr 2004
Posts: 298
Phatal Offline
UGN News Staff
Phatal Offline
UGN News Staff

Joined: Apr 2004
Posts: 298
Houston, TX
CERT ID
VU#659228

just in case you were wondering

Top
#39293 - 04/16/04 09:07 AM Re: Cisco Warns of Wi-Fi Vulnerability
Joined: Oct 2002
Posts: 616
weeve Offline
UGN Super Poster
weeve Offline
UGN Super Poster

Joined: Oct 2002
Posts: 616
The Beach
heh far worse then owning ciscos via httpd or default password login? Maybe...just maybe...


"Beware the Jabberwock, my son!
The jaws that bite, the claws that catch!
Beware the Jubjub bird, and shun
The frumious Bandersnatch!"
Top

Member Spotlight
Crime

Crime
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Sponsored Links
Forum Statistics
Forums46
Topics46,445
Posts81,615
Members2,157
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,609
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860