CLEANACCESS Archives

December 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: DoS possibilities in the Cisco Clean Access product line
From:
"Lanstein, Alex C" <[log in to unmask]>
Reply To:
Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:
Tue, 20 Dec 2005 12:27:01 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (73 lines) 
I'm not sure why they're taking their time.  Maybe everyone's gone for the holidays?  Ha ha.  The file uploading was the biggie...the firmware updating issue was usless if you couldn't upload files - he said it's depreciated anyways so seems fine to rename/remove it.  
 
Atif - Is Peter still one of the engineers over there?  He was one of the original Perfigo guys - seemed pretty bright, hope he didn't take the money and run!  
 
Regards,
Alex Lanstein
 

________________________________

From: Perfigo SecureSmart and CleanMachines Discussion List on behalf of Mark Woods
Sent: Tue 12/20/2005 12:01 PM
To: [log in to unmask]
Subject: Re: DoS possibilities in the Cisco Clean Access product line



In the absense of any further info on this vulnerablility, is it safe to
simply rename the file until instructions are published on how to
mitigate it?

It's been a few days now and nothing more has come of this issue that
I'm aware of.

Thanks,

--

   MARK WOODS, CCNA, CISSP
   IT/Networking
   Miami University
   Oxford, OH


Atif Azim (atif) wrote:
> Folks,
>
> CCA engineering is investigating this issue. The issues mentioned seem
> to stem from deprecated jsp pages that are no longer used. We will
> provide instructions shortly on how this can be mitigated.
>
> Note that if your CAM is protected by a firewall or by ACLs at your
> router you are not at risk.
> If your CAM does not have such protection we recommend that you do put
> such access controls in place.
>
> If you have any emergency or would like further help in the meantime
> please contact me directly.
>
> Regards,
> Atif
> 
>
> -----Original Message-----
> From: Perfigo SecureSmart and CleanMachines Discussion List
> [mailto:[log in to unmask]] On Behalf Of Anthony Maszeroski
> Sent: Friday, December 16, 2005 1:01 PM
> To: [log in to unmask]
> Subject: DoS possibilities in the Cisco Clean Access product line
>
> Link : <http://www.awarenetwork.org/forum/viewtopic.php?p=2236>
> Link : <http://www.securityfocus.com/archive/1/419645>
>
> --
> - Anthony Maszeroski
> -----------------------------------
> Network Security Specialist
> The University of Scranton
> email : [log in to unmask]
> phone : 570-941-4226
> -----------------------------------
>

ATOM RSS1 RSS2