Cisco admits to more vulnerabilities

After weaknesses in IOS, there are now problems with Cisco's security appliances and firewall module
Written by Richard Thurston, Contributor

Cisco has found two more vulnerabilities in its range of networking products.

The latest weaknesses are found in Cisco's PIX 500 series security appliances, its 5500 series of adaptive security appliances and its firewall services module. Hackers could use the various vulnerabilities to crash a networking appliance and bypass security policies. A related vulnerability can be used to corrupt access control lists, allowing traffic that should be blocked to pass into the corporate network.

Cisco has made patches available for the firewall service module and appliance vulnerabilities.

Just three days ago, Cisco revealed two vulnerabilities within IOS, the operating system on which its routers run. Left unpatched, they could result in the routers crashing and intrusion prevention software being circumvented.

Secunia, the vulnerability tracking firm, said the latest vulnerabilities were "moderately critical".

Editorial standards