The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Cisco Clean Access Agent (Perfigo) bypass


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: 19 Aug 2005 16:30:24 -0000
From: [email protected]
To: [email protected]
Subject: Cisco Clean Access Agent (Perfigo) bypass
X-Virus-Scanned: antivirus-gw at tyumen.ru

Description: 
Cisco Clean Access is an easily deployed software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network. It identifies whether networked devices such as laptops, personal digital assistants, even game consoles are compliant with your network's security policies and repairs any vulnerabilities before permitting access to the network. 

Vendor site:
http://www.cisco.com/en/US/products/ps6128/

Affected versions: 
This works in at least 3.5.3.1 and 3.5.4.

Discovery Date: 
2005-08-12

Report Date: 
2005-08-19

Severity:
Medium

Vulnerability: 
End users can bypass the "mandatory" installation of the Clean Access Agent by changing the User-Agent string of their browser. This allows them to connect to the network without the host-based checks being run. If configured, remote checks are still run.


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру