In association with heise online

02 November 2006, 18:08

Security update for Cisco's Security Agent Management Center


Cisco has released an advisory describing a vulnerability in Cisco Security Agent Management Center (CSAMC) through which an unauthorised user could fool the authentication process and log in as an administrator. The Security Agent Management Center is used to remotely configure the Security Agents (CSA) for clients and servers. An attacker with these privileged rights could deactivate the protection provided by the CSAs on all devices.

The attack only works if CSAMC uses an LDAP server for authentication, which is not the default setting. Where that is the case, the attacker need only enter the name of a valid administrator and can leave the password empty while simulating a specific error message to the LDAP server. This causes the CSAMC to misinterpret the login procedure as valid. Only version 5.1 of CSAMC is affected, and an update has already been released to remove the problem.
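The general failure pattern described above, an LDAP-backed login that reads an unexpected directory response as a valid login, is shown here next to a fail-closed check. This is an added illustration, not Cisco's code and not taken from the advisory; the stub directory, the names and the choice of error code are assumptions made for the demo.

```python
import hmac

# LDAP result codes defined in RFC 4511
SUCCESS, INVALID_CREDENTIALS, UNWILLING_TO_PERFORM = 0, 49, 53

# Constructed sample data: one administrator entry and its password
ADMIN = "cn=admin,dc=example,dc=test"
DIRECTORY = {ADMIN: "correct horse"}


def stub_simple_bind(dn, password):
    """Hypothetical stand-in for an LDAP simple bind; returns a result code."""
    if dn not in DIRECTORY:
        return INVALID_CREDENTIALS
    if password == "":
        # Valid name, empty password: this stub answers with an error code
        # other than invalidCredentials.
        return UNWILLING_TO_PERFORM
    ok = hmac.compare_digest(password.encode(), DIRECTORY[dn].encode())
    return SUCCESS if ok else INVALID_CREDENTIALS


def login_fail_open(dn, password, bind=stub_simple_bind):
    """Flawed: only one failure code rejects, any other response is accepted."""
    return bind(dn, password) != INVALID_CREDENTIALS


def login_fail_closed(dn, password, bind=stub_simple_bind):
    """Hardened: empty input never reaches the directory; only SUCCESS passes."""
    if not dn or not password:
        return False
    try:
        return bind(dn, password) == SUCCESS
    except Exception:
        return False  # directory errors and timeouts deny the login


def compare(attempts):
    """Return (password, fail_open_result, fail_closed_result) per attempt."""
    return [(pw, login_fail_open(ADMIN, pw), login_fail_closed(ADMIN, pw))
            for pw in attempts]


if __name__ == "__main__":
    for pw, weak, hardened in compare(["correct horse", "wrong", ""]):
        print(f"password={pw!r:16} fail_open={weak} fail_closed={hardened}")
```

The same table of attempts works as a regression test for any login path that delegates to a directory: the empty-password row must be rejected regardless of what the backend returns.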
