Slashdot Mirror

← Back to Stories (view on slashdot.org)

VPN Flaw Allows Denial of Service

Posted by ScuttleMonkey on from the concrete-bunkers-and-razorwire dept.

An anonymous reader writes "Finnish researchers at the University of Oulu have found a vulnerability in ISAKMP (Internet Security Association and Key Management Protocol) -- the technology used in IPsec virtual private network and firewall products from a range of networking companies, including Cisco and Juniper Networks. Cisco said the security flaw could cause devices to reset over and over, which could cause a temporary denial-of-service attack. It did not mention the possibility of the device being taken over by an intruder, while Juniper said it has been aware of the problem since June, so software issued on or after July 28 provide fixes for the flaw."

3 of 64 comments (clear)

  1. Oh Cisco... by emptycorp · · Score: 3, Funny

    Gotta love a company that keeps administrators like me with job security :)

  2. Thanks Jupiner! by jacoplane · · Score: 5, Funny

    "Juniper said it has been aware of the problem since June, so software issued on or after July 28 provide fixes for the flaw."

    Gee, thanks for letting the rest of the world know too!

  3. Re:Lex Karpela.. by Ceriel+Nosforit · · Score: 1, Funny

    But as usual, the average Finn doesn't give a damn about the law. It just becomes yet another matter not to talk loudly about.

    --
    All rites reversed 2010