August 26, 2004 9:56 AM PDT

Cisco reports access control server flaws

By Marguerite Reardon
Staff Writer, CNET News

Cisco on Wednesday posted an advisory warning about four vulnerabilities in its Secure Access Control Server (ACS). The first flaw causes the Web interface of the ACS to stop answering requests when it's flooded with TCP connections. The second error crashes systems using Cisco's remote access authentication protocol, called light extensible authentication protocol. The third vulnerability is related to an error in the handling of traffic using Novell directory services. And the fourth problem occurs when hackers spoof IP addresses to match an authenticated user's address to gain access to the Web-based graphical user interface of the ACS.

Versions affected by these vulnerabilities include 3.2, 3.2 (2) and 3.2 (3). Details of the warning and patches to fix the problems are available on Cisco's Web site.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

ie8 fix

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

Markets

Market news, charts, SEC filings, and more

Related quotes

Cisco Systems (-0.37%) -0.06 16.33
Dow Jones Industrials (-0.60%) -74.92 12,454.83
S&P 500 (-0.22%) -2.86 1,317.82
NASDAQ (-0.07%) -1.85 2,837.53
CNET TECH (-0.20%) -4.05 2,040.30
  Symbol Lookup
ie8 fix
  • Recently Viewed Products
  • My Lists
  • My Software Updates
  • Promo
  • Log In | Join CNET