Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco Patches Authentication, Denial-of-Service, NTP Flaws In Many Products (csoonline.com)

Posted by timothy on from the work-never-ends dept.

itwbennett writes: Cisco Systems has released a new batch of security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls. The RV220W vulnerability stems from insufficient input validation of HTTP requests sent to the firewall's Web-based management interface. This could allow remote unauthenticated attackers to send HTTP requests with SQL code in their headers that would bypass the authentication on the targeted devices and give attackers administrative privileges.

17 of 33 comments (clear)

  1. HTTP requests with SQL code by ls671 · · Score: 2

    HTTP requests with SQL code: about using prepared statements and parameterized queries?

    --
    Everything I write is lies, read between the lines.
  2. Input validation does not cause SQLi by WaffleMonster · · Score: 3, Insightful

    The only cause of SQLi is gross incompetence. It can never be caused by an accident or failure to do something.

    It can only caused by willful and deliberate action to do something you know or should know to be wrong, stupid and dangerous at the time you did it. Unbound query strings don't build themselves.

    1. Re:Input validation does not cause SQLi by Anonymous Coward · · Score: 1

      > The only cause of SQLi is gross incompetence.

      How true.

      What perhaps horrifies me more is that the phantasy in our profession can't come up with a decent GUI other than with this browser + web server + sql data base monstrosity; most probably a PHP abomination and a MySQL database (not that a node or django -- and a couch or mongo would make that better) *plus* a big fat chunk of javascript with an embedded, mutilated mutant of jquery or similar.

      I'm deeply ashamed of the trade I'm in.

    2. Re:Input validation does not cause SQLi by Anonymous Coward · · Score: 1

      Another 'Big Name' exposed as lacking quality , too little, too late.
      Apple is a 'premium' company, while the 'premium' on this brands reputation has been outed.
      May as well by cheap Chinese crap because it does the same thing, and probably no worse.
      Throw in a few back doors, compromised keys - no corporate automatic sales for you.

      Cisco and Blackberry - what will they have in common going forward?

  3. Hey timothy by DNS-and-BIND · · Score: 2

    Why are you the only one posting stories recently? The other two crappy editors who posted dupes haven't been heard from in a while.

    Hey timothy, I dare you, post another link to forbes.com.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re: Hey timothy by Anonymous Coward · · Score: 1

      No they won't.

    2. Re: Hey timothy by drinkypoo · · Score: 1, Insightful

      Come on. Show some compassion. People losing their jobs is not something to be so cavalier about, regardless of your opinions of them.

      Yes, yes it is, because they were shit at their fucking jobs. In a world in which there are so many people homeless, jobless, hopeless, it's fucking pathetic to see people phone in their job like they can't be arsed to give one tenth of one fuck. That's especially true in tech, where more and more workers are losing their jobs even when they do them.

      If they were good at their jobs, or even made more than a token effort, then we would miss them. They were shit, and they shit up Slashdot, and if you miss them, you're part of the fucking problem because you've been giving them a free pass for their shit work. Why would I miss an employee with no work ethic?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  4. I still wonder by jones_supa · · Score: 2

    A great part of the Internet is woven together by those turquoise boxes. They form a vulnerable part of the infrastructure. I find it strange that open source tinfoil hatters have not criticized more the fact that all of that gear runs proprietary code. All of the boxes could have a backdoor that allows a government surveillance organization to connect and change settings or to wiretap passing traffic. Why do not these discussions usually come up?

    1. Re:I still wonder by jones_supa · · Score: 1

      That's what I want to say to the people taking about UEFI backdoors.

    2. Re:I still wonder by valnar · · Score: 1

      If the Internet is woven together by the Small Business Line of Cisco, we're in trouble.

  5. Cisco patches RV220W firewall .. by tetraverse · · Score: 1

    If Cisco can't get it right then what hope does the rest of us have. But then again using a html protocol to remotely control a security device isn't the best of ideas.

    1. Re:Cisco patches RV220W firewall .. by AchilleTalon · · Score: 2

      HTML isn't a protocol. HTTP and HTTPS are.

      --
      Achille Talon
      Hop!
  6. RV220W... by l0n3s0m3phr34k · · Score: 1

    Was never supposed to be an "enterprise" piece of equipment anyway. It's part of their Small Business line, which used to be called Linksys. Thus why it has an HTML-based gui, craptastic security, etc. If you want decent hardware with the Cisco name, prepare to spend around $1,000 for an ASA 5500 series, and then another $500+ for an Aironet to get the wireless. You get what you pay for, and Cisco has never been cheap. If the product is cheap, then expect issues like there. I finally gave up on my RW180 because it just wouldn't keep the PAT going after a few hours. Even when their tech remoted in and checked that it was all set up properly, it still died after less than a day and required a reboot to get it to work again. So far, the $25 small form factor Dell with PfSense is running far better and has had zero issues.

    1. Re:RV220W... by drinkypoo · · Score: 1

      If you want decent hardware with the Cisco name, prepare to spend around $1,000 for an ASA 5500 series, and then another $500+ for an Aironet to get the wireless.

      And then you can still expect amateur hour security mistakes, and intentional back doors, because we're talking about Cisco, and that's how they roll. There have been multiple serious holes in IOS.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:RV220W... by l0n3s0m3phr34k · · Score: 1

      Indeed! In fact, we used a documented exploit to reboot a bad 6000 series switch at work. White-hat hacking at it's finest LOL

  7. Links are reversed by phishybongwaters · · Score: 2

    If anyone else ends up clicking the "security updates" link in the summary and starts to wonder why they are only talking about the RV220W, it's because the submitted reversed the links, you need to click the Cisco RV220W link to get the article with ALL the products.

  8. It's their "small business" line of product by zerofoo · · Score: 1

    This stuff is the crap leftover from the Linksys acquisition. I would be willing to bet none of their SMB products share much code with their big business stuff (ASA, Catalyst, and their real routers based on IOS).

    If you've ever called tech support for their "pro" stuff - you get some pretty awesome people usually based in the US. Last time I called their SMB support teams I got a guy in Bulgaria (in his defense he did quickly recognize that my defective hardware needed to be replaced).

    This type of flaw is probably not a systemic problem with Cisco's other products.