New York Web Design News November 1 2005, the latest breaking New York Web design news brought to you by,
Web Designs Now,Website Designs Now,New York Web Design Homepage,Web Design Services for New York, Connecticut, Long Island,New York Web Design Client Testimonials,Website Portfolio of New York Web Design, About this New York Web Design Firm,Contact this New York Web Design Firm

Cisco Flaw = Wi-Fi Risk
Web Design & Technology News, November 1, 2005

Web Ads Hit Record High
VPN Flaw Threatens Web
MS Patches May Break Web Sites
Cisco Patches Critical Web Bug
Cisco Flaw = Wi-Fi Risk

More Web Design News:
2007 Current News
2007 May
2007 March
2006 November
2006 September
2006 August
2006 July
2006 June
2006 May
2006 April
2006 March
2006 February
2006 January
2005 December
2005 November
2005 October
2005 September
2005 August
2005 July
2005 June
2005 May
2005 April
2005 March
2005 February
2004 March
2004 February
2004 January
2003 December
2003 November
2003 October
2003 September
2003 August
2003 July
2003 June
2003 March - May


November 1, 2005

A security bug in Cisco Systems' wireless LAN controllers could enable an attacker to send malicious Web traffic to a secured Wi-Fi network.
By Joris Evers

The problem affects large Wi-Fi networks, not the average home installation. It occurs when Cisco 1200, 1131 and 1240 series Wi-Fi access points are controlled by Cisco 2000 and 4400 series Airespace Wireless LAN Controllers, according to a security advisory released Wednesday by the networking equipment maker.

Wi-Fi access points are the devices that let people connect to wireless service on the Web. Controllers are used by operators of large Wi-Fi networks, which typically include many access points, to centrally control functions such as security policies, intrusion prevention and radio frequency management.

The security problem affects only Wi-Fi installations that use the 2000 and 4400 controllers, Cisco said. Access points that do not link to those model systems are not affected, it added.

The access points, even when configured to handle encrypted network traffic only, may accept unencrypted incoming traffic, according to Cisco. An attacker on the Web could exploit the flaw to send malicious traffic to a wireless network that is designed to be secure, the company said. It could also allow unauthorized access.

A successful attack would require the attacker to use the hardware address--known as the Media Access Control number--of a device already authenticated to the network, mitigating the risk of an attack.

Cisco has a software update available for the WLAN controller to fix the vulnerability. The flaw is rated a "moderate risk" by the French Security Incident Response Team, FrSIRT, a security monitoring and research firm.

The news of the Wi-Fi security flaw comes a day after Cisco reported a security issue related to its intrusion prevention system, or IPS, security software. The problem exists because of an error in the configuration file of Cisco's Internetwork Operating System IPS, the company said in an advisory.

At risk are installations of the Cisco IPS configured by version 2.1 of the IPS Management Center, Cisco said. The flaw might result in an incomplete analysis of network traffic secured by the Cisco IOS IPS device, which could allow some attacks to go unnoticed, according to Cisco. The flaw is also rated "moderate" risk by FrSIRT.

Web Designs Now
Back to the Top
 © Copyright 2007, All rights reserved  |  Privacy Web Design Forums  |  Web Design News  |  Advertise  |  About Us  |  Contact Us  |  W3C HTML 
 Related Websites: New-York-WebDesign.com