Cisco bug could put hackers in driver's seat

April 8, 2004

Last modified: April 8, 2004, 8:30 AM PDT

By Marguerite Reardon

Staff Writer, CNET News.com

Networking giant Cisco Systems warned customers on Wednesday about a security flaw that could compromise two products used to manage wireless local area network devices and data center switches.

The company said in the warning posted on its Web site that a preset username and password coded into its Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) could give attackers complete control of the devices. Attackers could use this control to add new users, modify details of existing users or even change the device's configuration, the company said.

WLSE is software that manages Cisco Aironet Wi-Fi products such as the wireless access points. The product simplifies the configuration and monitoring of the Aironet devices. It also has security features that can detect unauthorized or rogue access points. If an attacker is able to control this management tool, he or she could hide the presence of a rogue access point or change the radio frequency plan, potentially causing systemwide outages.

The HSE is an appliance that manages data center network infrastructure, such as switches that balance loads across e-business servers. The product allows authorized users to remotely monitor, activate and configure services and devices, even through firewalls. The security hole could allow attackers who gain access to the device to use it as a launching platform to redirect traffic coming into or out of the data center. Ultimately, this could result in network downtime and revenue loss.

The vulnerability affects WLSE versions 2.0, 2.0.2 and 2.5 and HSE versions 1.7 through 1.7.3. Cisco said there is no way to work around the problem and that it is urging customers to download software patches it has posted on its Web site.

Cisco said it isn't aware of any attacks that use the hard-coded log-in information.

Cisco's wireless products have been the subject of several security warnings over the past year. In December, the company warned that some of its Aironet wireless access points were transmitting security keys over the air in unencrypted text, meaning that an eavesdropper could intercept them. With the keys, an attacker could easily break the encryption protecting Wi-Fi transmissions.

Back in July, the company discovered two other flaws that potentially compromised some access points. One security hole could have allowed an attacker to discover account names, while the second could freeze the access point and bring down the wireless access zone.

But it's not just the wireless products that have had serious security problems. The company has also issued warnings for its other products. In March, the company warned customers that software code exploiting nine vulnerabilities was found in its Internetwork Operating System. This software runs on most of Cisco's products, including its Catalyst Ethernet switches and Internet Protocol routers.

http://news.com.com/2100-1039_3-5187233.html?tag=nefd.top