Network security vulns keep sysadmins busy
Sysadmins can look forward to clocking some overtime this week after Cisco warned of flaws in how its core operating system handles malformed SSL traffic.
Several types of SSL messages (such as ClientHello and ChangeCipherSpec), when malformed, can crash vulnerable appliances running IOS, which are configured to accept SSL protocol packets. The scope of the vulnerability is confined to denial of service attacks. There's no code execution or snooping risk.
At Channel Register.
[ Read more ]