US-CERT Warns of Cisco, Juniper Security Flaws

Cyber Threats | News | Kara Reeder, Thursday, December 3, 2009
Cisco Systems, Data Security, Hardware, Juniper Networks, network security, Secure Sockets Layer, VPN
The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about flaws in equipment from four companies -- Cisco, Juniper, SonicWall and SafeNet -- that hackers can exploit to break into corporate computer networks, reports Reuters.

The flaw lies in technology known as SSL VPN and if exploited, could allow hackers to gain broad access to corporate networks, steal confidential data, install malicious software or turn PCs into spam servers. US-CERT researchers have come up three "workarounds" that will minimize, but not eliminate, the risk of an attack.

According to the San Jose Business Journal, Juniper has known about the vulnerability for several years, but told users that workarounds reduce the risks so they don't need to worry about them.

Cisco is no stranger to security flaws. In September, Cisco patched a DoS vulnerability that affected multiple products.

Comments (0) Bookmark and Share

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options