Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Cisco issues critical security patch to its Prime service

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

November 3, 2016

We just learned today that service providers using Cisco' Prime service to manage consumers' networks need to run in a critical security patch as soon as possible.

The security vulnerability Cisco has discovered can allow a remote attacker full administrative rights over the system, thanks to its graphic user interface.

For example, a crafted HTTP request to a particular URL lets an attacker “obtain a valid session ID for an arbitrary user” all the way up to the administrator.

The security problem affects Cisco Prime Home versions 5.1.1.6 and earlier. They all need to be migrated to 5.1.1.7), and 5.2.2.2 and earlier (migrate to 5.2.2.3); versions 6.0 and later are in the clear.

The other critical security patch for this week is in the company's ASR 900 Series aggregation router. The remote POP device is subject to remote code execution, Cisco asserted.

“The security vulnerability exists because the affected software performs incomplete bound checks on input data,” the advisory warned.

A malicious request to its TL-1 port can force a reload of the router, opening the window for an attacker to execute arbitrary code, get control or force a reload in one way or another.

The security flaw is present on ASR 901, ASR 901 10G, ASR 901-S, and ASR 920 routers, running versions 3.17.0S, 3.17.1S, 3.17.2S, 3.18.0S, and 3.18.1S of in the IOS XE software.

Cisco also recommends system admins with ASR 900s to run a stack trace to see if they've been compromised. The indicator is that the TL-1 helper process has crashed.

If that has happened, you will see a message like this-- ``Exception to IOS Thread: Frame pointer 0x348D3D18, PC = 0x150255E4 UNIX-EXT-SIGNAL: Segmentation fault(11), Process = TL1 Helper Process -Traceback= 1#c2f8cd10bbd769d41be54f5792c0ec33 :10000000+50255E4 :10000000+33DEED0 :10000000+33DEED0 :10000000+33D6718 :10000000+33D5444.``

Infrastructure Access Control (IAC) lists can be used as a workaround, and a security patch is available from Cisco.

Source: Cisco.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer