Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Apr 2004
Posts: 298
Phatal Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Apr 2004
Posts: 298
Cisco has issued a security warning for two products used to manage wireless local area network (LAN) and e-business services in data centres.
The company said that a username and password coded into all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software could give attackers complete control of the devices.

The warning states: "A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround."

CiscoWorks WLSE provides centralised management for the Cisco wireless LAN infrastructure. It unifies the other components in the solution and actively employs them to provide continual 'Air/RF' monitoring, network security and optimisation.

It also assists network managers by automating and simplifying mass configuration deployment, fault monitoring and alerting.

HSE monitors and activates a variety of e-business services in Cisco-powered data centres.

The warning adds: "Any user who logs in using this username has complete control of the device. One can add new users or modify details of the existing users, and change the device's configuration."

The company cautioned that this could result in system-wide outages, long-term loss of information confidentiality and integrity, and yield denial of service.

Cisco said it was unaware of any attacks that use the hard-coded login information, but has advised customers to install the appropriate software patch.

You can view the original article here...
http://www.newsfactor.com/story.xhtml?story_title=C...y=netsecurity#story-start

Joined: Apr 2004
Posts: 298
Phatal Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Apr 2004
Posts: 298
CERT ID
VU#659228

just in case you were wondering

Joined: Oct 2002
Posts: 616
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 616
heh far worse then owning ciscos via httpd or default password login? Maybe...just maybe...


"Beware the Jabberwock, my son!
The jaws that bite, the claws that catch!
Beware the Jubjub bird, and shun
The frumious Bandersnatch!"

Link Copied to Clipboard
Member Spotlight
Posts: 30
Joined: June 2002
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Crime 1
Ice 1
Dartur 1
Cyrez 1
Powered by UBB.threads™ PHP Forum Software 7.7.5