Friday 20 February 2015

Cisco Warns Of Attacks On The ASA VPN Software


Cisco warns organizations for attacks on the ASA software allowing attackers credentials can get their hands on for VPN connections or malware can spread. The vulnerability is in the Clientless SSL VPN software. The software provides ASA-administrators the ability to customize the appearance of the Client SSL VPN portal.

A vulnerability in the "customization framework" which the adjustments are made allow a remote attacker without login details the contents of the Clientless SSL VPN portal adjust. This makes it possible to steal login details, cross-site scripting (XSS) and other web attacks to perform and distribute malware instance. Once a VPN portal is compromised adaptations of the persistent attacker.

Restarting the server or changing the ASA Software custom objects will does not remove. The leak was unveiled late last year and patched. Yet who now find attacks rather abuse the vulnerability. In addition, on the Internet also exploit code appeared. Cisco has in the warning information also given how compromised VPN portal can be recognized.

3 comments:

  1. Hey, great blog, but I don’t understand how to add your site in my rss reader. Can you Help me please? software per navigare anonimi

    ReplyDelete
    Replies
    1. Just copy my blog link and paste it in your rss feed.. go through this below link for help
      http://www.2createawebsite.com/traffic/create-rss-feeds.html

      Delete
  2. First Read Terms & Conditions of all the VPN Software's.. All are doing businesses..
    Prefer Tor or Open VPN kind of services or if you are a privacy and security lover then read this below link:

    http://malwarebattle.blogspot.com.tr/2015/05/frisian-usb-stick-for-anonymous-surfing.html

    ReplyDelete