Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Vulnerability Advisory: McAfee AVERT alerts on ten Cisco vulnerabilities exploited by new hacking toolkit

  • 02 April, 2004 10:26

<p>For further information please contact:</p>
<p>Natalie Connor</p>
<p>Tel: +61 (0)2 9956 5733</p>
<p>Mobile: +61 (0)417 259 054</p>
<p>Network Associates First to Announce Comprehensive System and Network Protection to Identify and Block Potential New Attacks</p>
<p>SYDNEY, April 2, 2004 – Network Associates, the leading provider of intrusion prevention solutions, today announced that McAfee AVERT (Anti-virus and Vulnerability Emergency Response Team), the world-class research division of Network Associates, is the first company to provide comprehensive system and network protection against ten Cisco vulnerabilities exploited by a new hacking toolkit. Based on their findings, McAfee AVERT recommends that users confirm the Cisco product versioning outlined below in the Cisco bulletin to ensure protection and to update or deploy the solutions outlined below.</p>
<p>Cisco Vulnerabilities Overview</p>
<p>Cisco 677/678 Telnet Buffer Overflow Vulnerability</p>
<p>Cisco IOS Router Denial of Service Vulnerability</p>
<p>Cisco IOS HTTP Auth Vulnerability</p>
<p>Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability</p>
<p>Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability</p>
<p>Cisco 675 Web Administration Denial of Service Vulnerability</p>
<p>Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability</p>
<p>Cisco IOS Software HTTP Request Denial of Service Vulnerability</p>
<p>Cisco 514 UDP Flood Denial of Service Vulnerability</p>
<p>CiscoSecure ACS Vulnerability</p>
<p>Scope of Potential Compromises</p>
<p>An attack toolkit, called “CISCO Global Exploiter,” has been made widely available to allow anyone to easily launch attacks exploiting these vulnerabilities against any vulnerable CISCO IOS devices. The impact of these vulnerabilities range in scope from causing Denial of Service (DOS), to bypassing the authentication, and to malicious code execution on the device. While some of these vulnerabilities are old, the tool significantly lowers the barrier to exploitation. This can lead to increased attack activities on the critical network infrastructure.</p>
<p>More information on the vulnerabilities can be found at:</p>
<p>Network Associates McAfee Protection-In-Depth strategy provides complete system and network protection for these vulnerabilities with its McAfee IntruShield solution.</p>
<p>McAfee IntruShield stops all ten of these exploits, with the most current signature set and the addition of four User Defined Signatures available from the McAfee IntruShield Support Web site. McAfee IntruShield sensors deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks.</p>
<p>McAfee AVERT Labs is one of the top-ranked anti-virus and vulnerability research organizations in the world, employing more than 100 researchers in offices on five continents. McAfee AVERT protects customers by providing cures that are developed through the combined efforts of McAfee AVERT researchers and McAfee AVERT AutoImmune technology, which applies advanced heuristics, generic detection, and ActiveDAT technology to generate cures for previously undiscovered viruses.</p>
<p>About Network Associates</p>
<p>With headquarters in Santa Clara, California, Network Associates, Inc. (NYSE: NET), creates best-of-breed computer security solutions that prevent intrusions on networks and protect computer systems from the next generation of blended attacks and threats. Offering two families of products, McAfee System Protection Solutions, securing desktops and servers, and McAfee Network Protection Solutions, ensuring the protection and performance of the corporate network, Network Associates® offers computer security to large enterprises, governments, small and medium sized businesses, and consumers. For more information, Network Associates can be reached on the Internet at</p>
<p># # # ENDS # # #</p>
<p>NOTE: Network Associates, McAfee, IntruShield, Sniffer and AVERT are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the United States and/or other countries. Sniffer® brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks herein are the sole property of their respective owners. ©2004 Networks Associates Technology, Inc. All Rights Reserved.</p>

Most Popular