Channel News and Analysis - Channel Insider
Empowering the next generation Channel
 
security
Surprising Security Shortcomings After nearly a decade of threat warnings, evolving threats and billions of dollars in technology investments, you’d think that businesses have at least a baseline of IT security protections. Recent reports reveal some surprising security shortcomings in the business community.

Sponsored Links
  • SonicWALL VS Status Quo Solutions. No Contest
  • Sell BlackBerry® Technical Support and earn
  • Ready. Set. 7. See who’s building with Windows 7.
  • Special support for Microsoft partners in today’s economy
  • Green is a huge opportunity with HP PartnerONE


    		•  

    Pair of Cisco Apps Are Open to Attack

    in Channel News and Analysis

    DATE: 2004-04-08
    By Dennis Fisher

    Article Rating:starstarstarstarstar / 0
    Article Views: 348

    Rate This Article:
    Poor Best
    Add This Article To:
    Cisco warns customers that the software application that manages its wireless LAN products and another one used to monitor services in data centers contain unchangeable default passwords, opening them up to compromise by attackers.

    Cisco Systems Inc. on Wednesday warned customers that the software application that manages its wireless LAN products and another one used to monitor services in data centers contain unchangeable default passwords, opening them up to compromise by attackers.

    The company said both its Wireless LAN Solution Engine and its Hosting Solutions Engine ship with default username and password pairs that are hard-coded into the software and cannot be changed by users. This means that any user who can log into one of the applications will have complete control over whatever devices the application manages.

    It also opens up other attack scenarios. For example, an attacker could log into the WLSE and change access rights and permissions for users or set up his own access point on the network and hide it, giving him the ability to listen in on the network's traffic.

    Customers use the WLSE to manage all of the devices in Cisco's wireless LAN product line, including access points and stations. The HSE is designed to help monitor services in data centers. Versions 2.0, 2.0.2 and 2.5 of the WLSE are vulnerable, and HSE 1.7, 1.7.1, 1.7.2 and 1.7.3 are affected as well.

    Resource Library:
    Click here for the full story.



    Discuss Pair of Cisco Apps Are Open to Attack
     
    >>> Be the FIRST to comment on this article!
     

     
     
    >>> More Channel News and Analysis Articles          >>> More By Dennis Fisher
     



    		 

    Related Content

    Articles Labs/How-To Multimedia

    SIGN UP FOR CHANNEL INSIDER NEWSLETTERS
    Reliable, timely information on the business of technology. Sign up now.

    RSS SUBSCRIPTIONS
    XML
    Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

    ZDE Services
    > Ziff Davis Enterprise White Paper Library

    > eWEEK Blogs

     

    CHANNEL RESOURCE CENTER
     
     
    Best Free Antivirus Apps
    Microsoft isn’t the first vendor to offer free antivirus software to consumers and small businesses. Several vendors have free general available versions of their malware protection suites. Their strategy: get customers interested and open opportunity to partners. Here are few worth free AV packages worth considering.
    View Slideshow

    Top 10 Most Profitable Vendor Certifications
    Solution providers that invest in vendor technical certifications are more profitable, sell more complex systems and have better relationships with their customers, according to the new Channel Insider/Amazon Consulting certification study. But not all vendor certifications have the same ROI. The following vendors have the best certifications for return on their partners’ investment.
    View Slideshow
    The IT industry is in the midst of a mass metamorphosis. Lines are blurring between networking technologies, storage, servers, software and telephony. Vendors that represent the tried and true establishment in one discipline are now making hard-right turns into new, largely unfamiliar and often competitive markets. Read on to see just a few of the major convergence plays of the last year.
    View Slideshow