http://www.vnunet.com/vnunet/news/2141302/cisco-issues-hacker-patch Iain Thomson vnunet.com 18 Aug 2005 Cisco has released a patch for its Cisco Clean Access (CCA) software, which is designed to seek out unsafe hardware on a network. The patch, rated less critical by Secunia, covers a flaw in the Application Program Interface (API) and would allow a hacker to use specially crafted code to gain control of the system. The compromised code could then be used to allow infected machines onto the network or to ban clean computers from access. "Cisco is not aware of any public announcements or malicious use of the vulnerability," said the company in a statement. "[We] would like to thank Troy Holder from the North Carolina State University for bringing this to our attention." Registered Cisco users can download the patch from here [1] and for those without a support contract, a workaround [2] has been posted on the company's website. [1] http://www.cisco.com/pcgi-bin/tablebuild.pl/cca-patche [2] http://www.cisco.com/warp/public/707/cisco-sa-20050817-cca.shtml _________________________________________ Attend ToorCon Sept 16-18th, 2005 Convention Center San Diego, California www.toorcon.org
This archive was generated by hypermail 2.1.3 : Mon Aug 22 2005 - 01:32:19 PDT