TechTarget

Cisco releases fix for VPN flaw

Users of Cisco's VPN software have been urged to upgrade their client software to fix a number of holes in the product.

Users of Cisco's VPN software have been urged to upgrade their client software to fix a number of holes in the product.

In an alert on its Web site, Cisco said all VPN Client software programs earlier than version 3.6 and earlier than version 3.5.4 are affected.

The problem occurs on all supported operating systems including Windows and Red Hat Version 6.2 Linux (Intel), or compatible distributions based on kernel Version 2.2.12 or later, Solaris UltraSPARC running a 32-bit kernel OS Version 2.6 or later and Mac OS X Version 10.1.0 or later.

The software contains a number of buffer overflow bugs.

Cisco added that the VPN Client software locks up a PC if receives a data packet containing no information. Cisco assured users that the bugs posed no risk to the confidentiality and integrity of users' data. It said a hacker would only be able to prevent the Cisco VPN Client software program from functioning correctly.

A fix for Cisco VPN Client version 3.6 or later is available for download from the Cisco Web site.

Cisco said users of VPN Client version 3.5.4 would have to wait until then end of next month for the required updated.

Cisco said the flaw does not affect users of its VPN 5000 Client software.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close