Cisco forced to fix insecure access solutions

Cisco has issued a security fix for certain versions of its Cisco Secure Access Control Server (ACS) for Windows and the Cisco Secure ACS Solution Engine.

Cisco has issued a security fix for certain versions of its Cisco Secure Access Control Server (ACS) for Windows and the Cisco Secure ACS Solution Engine.

Cisco said the problem caused multiple vulnerabilities, including the threat of crashed services. Two of the vulnerabilities may also permit arbitrary code execution by remote attackers after exploitation of the problem.

Versions of Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine prior to 4.1 are vulnerable, said Cisco.

The solutions support remote dial-in user access. The vulnerabilities were reported to Cisco by various security researchers.

More details on the problem are available here:

http://www.cisco.com/en/US/products/products_security_advisory09186a00807b8e55.shtml

Click to read articles on security

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close