In association with heise online

26 January 2009, 10:08

Patches for Cisco Security Manager

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco warns that the combination of Cisco Security Manager server and the IPS Event Viewer (IEV) may allow unauthorised access to the underlying MySQL database or the IEV server. It says the cause of the problem is that when the the IEV application is launched it opens remotely accessible ports on the Cisco Security Manager server and on the client. Although when the IEV is subsequently closed, it closes the client ports, it leaves the Cisco Security Manager server ports open.

That leaves the door open, with no requirement for authentication, allowing an un-athenticated attacker to access the MySQL database without alerts being reported by the Intrusion Prevention System.

Cisco Security Manager versions 3.1, 3.1.1.SP3, 3.2.SP2 and 3.2.1.SP1 are affected. Version 3.2.2 doesn't contain the bug. Cisco is providing registered clients with patches for versions 3.1, 3.1.1, 3.2 and 3.2.1.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit