Cisco Upgrades Itself to Resolve Security Issues in their Products

Cisco has recently released update patches to take care of some denial-of-service issues in the software controlling their components like Wireless Lan Controller, Secure Real Time Transport Protocol and Cisco Adaptive Security devices. The following threats have been fixed with the patch:

Attackers were able to get access to a device by sending specially programmed HTTP requests. This vulnerability gave unauthorized attackers a chance to run arbitrary codes on the system and cause buffer overflow leading to system reload.

Another problem fixed relates to the operation of Cisco WLC software. It left possibilities of compromise much like the above one in the way it dealt with Bonjour traffic.

What else happened?

Cisco AireOS software, which is used in some of Cisco’s Wireless Lan Controller systems was also patched up. The software could be used by hackers to access websites that are generally not compatible or accessible from the device’s inbuilt management software.

How can it help?

A problem with DHCPv6 validation was also taken care of in the Cisco ASA software. The issue was encountered in Cisco 7600 routers, Cisco Catalyst 6500 switches and Cisco ASA 5500 X range of Next- Generation Firewalls.

Many Cisco products that utilize the library for operation were left open to compromise by an issue in libSRTP. It could be damaged by attackers with specially programmed SRTP packets. This issue has also been fixed in the update.