Skip to main content

Search

Items tagged with: Cisco


 

Good heavens, is it time to patch Cisco kit again? Prime Infrastructure root privileges hole plugged... Better be careful or the US Administration will ban them next as a security risk


Among a bumper crop of 57 security issues Cisco divulged on Wednesday was a fix for a trio of vulns, one critical, in networks management tool Prime Infrastructure. The latter potentially allows unauthenticated miscreants to execute arbitrary code with root privileges on PI devices.

The updates come just two days after the firm copped to a secure boot flaw in its routers that has been dubbed (pronounced Thrangrycat) by those who discovered it.

It has also been just a few months since a pile of patches addressed roughly similar problems, including a slack handful of remotely rootable vulns in Hyperflex. Over the years El Reg has written time and again about severe and critical problems with PI, including a SQL injection nasty and a method of obtaining root privs through a malformed HTTP POST request, among many others.

In the past, we do know that similar vulnerabilities that were discovered (by another large US company) used to delay their public announcements so that their own government could exploit them on foreign soil. Hopefully, that practice has died out a... show more


 
Cisco veröffentlicht erneut wichtige Sicherheitsupdates #Cisco #Sicherheitslücken #Updates


 

Cisco Nexus 9000 Switches Allow SSH As Root


HN Discussion: https://news.ycombinator.com/item?id=19914466
Posted by sky_nox (karma: 217)
Post stats: Points: 133 - Comments: 44 - 2019-05-14T22:32:28Z

#HackerNews #9000 #allow #cisco #nexus #root #ssh #switches
HackerNewsBot debug: Calculated post rank: 103 - Loop: 134 - Rank min: 100 - Author rank: 60


 
Hardware-Lücke "Thrangrycat": Cisco arbeitet an Updates und fixt zweite Lücke #Cisco #Hardware-Hacking #Router #SecureBoot #Sicherheitslücken #Switch #Thrangrycat #TrustedAnchorModule


 
Habt ihr auch von dieser fiesen Backdoor in Netzwerkequipment gehört, wie man es beispielsweise bei 5G einsetzen würde? Hard eingebrannte Login-Credentials? So richtig übel?

Wie? Nein, nicht Huawei. Cisco schon wieder.

Na, wer setzt Geld darauf, dass die EU jetzt Cisco verbietet? Aus Sicherheitsgründen? Nicht?

#fefebot #EU #cisco #huawei


 
Habt ihr auch von dieser fiesen Backdoor in Netzwerkequipment gehört, wie man es beispielsweise bei 5G einsetzen würde? Hard eingebrannte Login-Credentials? So richtig übel?

Wie? Nein, nicht Huawei. Cisco schon wieder.

Na, wer setzt Geld darauf, dass die EU jetzt Cisco verbietet? Aus Sicherheitsgründen? Nicht?

#fefebot #EU #cisco #huawei


 

Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are – oh no, wait, it's Cisco again - Better ban this gear from non-US core networks, right?


Right on cue, Cisco on Wednesday patched a security vulnerability in some of its network switches that can be exploited by miscreants to commandeer the IT equipment and spy on people.

This comes immediately after panic this week over a hidden Telnet-based diagnostic interface was found in Huawei gateways. Although that vulnerability was real, irritating, and eventually removed at Vodafone's insistence, it was dubbed by some a hidden backdoor perfect for Chinese spies to exploit to snoop on Western targets.

Which, of course, comes as America continues to pressure the UK and other nations to outlaw the use of Huawei gear from 5G networks over fears Beijing would use backdoors baked into the hardware to snatch Uncle Sam's intelligence.

Well, if a non-internet-facing undocumented diagnostic Telnet daemon is reason enough to kick Huawei kit out of Western networks, surely this doozy from Cisco is enough to hoof American equipment out of British, European and other non-US infrastructure? Fair's fair, no?

It is really about time that network router companies were... show more


 
Jetzt patchen: Cisco schließt Lücken in zahlreichen Produkten #Cisco #Sicherheitslücken #Updates


 

How not to fix a security flaw


The article is behind a paywall but it should be released in a week from now. Anyway the issue is that a security company found a web vulnerability in a web based management tool for small business Linux Servers. The Cisco fix was to disable the curl user-agent from accessing their service!

https://lwn.net/Articles/784224/

#cisco #security # flaw #curl #fail #lwn #paywall


 
Updates: Cisco sichert sein Router- und Switch-System IOS ab #Cisco #Patchday #Sicherheitslücken #Updates #iOS


 

Cisco Fixes RV320/RV325 Vulnerability by Banning “curl” in User-Agent


HN Discussion: https://news.ycombinator.com/item?id=19507225
Posted by pjf (karma: 1767)
Post stats: Points: 206 - Comments: 89 - 2019-03-27T23:14:35Z

#HackerNews #banning #cisco #curl #fixes #rv320 #rv325 #user-agent #vulnerability
HackerNewsBot debug: Calculated post rank: 167 - Loop: 128 - Rank min: 100 - Author rank: 65


 
Cisco: Update-Rundumschlag für zahlreiche Produkte #Cisco #Netzwerke #Sicherheitslücken #Switch


 
Cisco: Das Webex der Zukunft unterhält sich mit Mitarbeitern #Cisco #Gesichtserkennung #GoogleAssistant #Innovation #KI #Spracherkennung #Applikationen


 
Jetzt updaten: Cisco patcht gegen eine von zwei Remote-Attacken #CSPC #Cisco #IP-Telefon #Sicherheitslücken


 
Compute Express Link: Intels CXL-Interconnect verknüft CPUs und Beschleuniger #Intel #Alibaba #Facebook #HPE #Prozessor #SozialesNetz #Supercomputer #Cisco #Google #Huawei


 
Cisco-Updates: Angreifer könnten als Root Firewalls und Switches übernehmen #AdaptiveSecurityAppliance #Cisco #NX-OS #POAP #Patches #Sicherheitslücken #Sicherheitsupdates


 
Cisco-Router: Forscher melden Hinweise auf aktive Angriffe #Cisco #Proofofconcept #Sicherheitslücken


 
Jetzt patchen: Cisco schließt Lücken in mehreren Produkten #Cisco #Router #Sicherheitslücken #WebEx


 
Bild/Foto
Lost the #router at work the other week and had to (quickly) build a replacement. This is it: a used Thinkcenter M91p from the local computer liquidation center for ~$200 (CAD).

It's an i5-2400 (3.1 - 3.4ghz) with 6 GB DDR3 RAM, 3 SATA-II connectors, 1 SATA-I connector, 1 x PCIe slot, and 2 or 3 PCI slots. Came with a SATA DVD drive I squirrelled off for my home system. I added a couple hard drives and network cards laying about.

Currently, it has a pair of 500gb HDD's mirrored (ZFS) running Proxmox with two virtual machines - PFSense (router) and file server (Debian/Samba). Both network cards are passed through to PFSense with the onboard ethernet for the server itself. The router provides segregated service to 3 businesses as well as a separate "DMZ"/wifi network, and about 375 GB on a network share which is basically just a local caching arrangement for a bra... show more


 
Sicherheitsupdate: Cisco Network Assurance Engine mit Standardpasswort #Cisco #NetworkAssuranceEngine #Patch #Sicherheitslücken #Updates


 
Cisco will nach gutem Quartal weiter zulegen #Cisco #Geschäftszahlen #Gewinn #Umsatz


 
Cisco Live EMEA: Eindrücke der Ausstellung #Cisco #Netzwerkmanagement


 
Cisco Live Europe 2019: Cloud und Automatisierung #Cisco #Cloud #Rechenzentrum #Veranstaltung


 
Jetzt patchen! Angreifer machen Jagd auf Cisco-Router #Cisco #Exploit #Patch #RV320 #RV325 #Router #Sicherheitslücken #Updates


 
Cisco: Wichtige Security-Updates für mehrere Produkte #Cisco #Netzwerkausrüstung #Sicherheitslücken #Sicherheitsupdates


 
What a merveilleux arbre de #Noël #Cisco.
Bild/Foto


 
Rhaaaaah, mais c'est quoi l'équivalent de "show ip bgp A.B.C.D" pour #IPv6 ? #Cisco #iOS

This website uses cookies to recognize revisiting and logged in users. You accept the usage of these cookies by continue browsing this website.