Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Cisco has patched four security holes in its WebEx software

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

January 14, 2015

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

Cisco said earlier today that it has patched no less than 4 security bugs in its WebEx software that allowed hackers to gain complete access to video conferences and also acquire other admin functions as well.

Cisco's WebEx video communications platform contained a cross site request forgery in versions 1.5 and below.

Cisco placed a moderate severity rating on the security flaw (CVE-2014-8031). "A vulnerability in the web framework code of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform a cross-site request forgery attack," Cisco wrote in its security advisory this morning.

"The vulnerability is due to insufficient CSRF protections. An attacker could exploit this security vulnerability by convincing users of the affected systems to follow a malicious link or visit an attacker-controlled website," the advisory warned.

An additional 3 security flaws meant that attackers could launch cross-site scripting attacks (CVE-2014-8030), generate a users' encrypted password (CVE-2014-8032) and then exploit an exposed API to become an administrator (CVE-2014-8033).

In May 2014, Cisco patched a handful of buffer overflow holes in its WebEx product line that led to remote code execution.

Then in November, the company made available additional security patches addressing some wobbly features and enforced stricter controls including that all meetings must have passwords at all times.

Users should be extremely cautious when opening links related to WebEx and update to a non-vulnerable version as soon as possible, Cisco warns.

Source: Cisco.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer