Fwd: Cisco Security Advisory: Crafted Timed Attack Evades Cisco Security Agent Protections

[Scott Genung <sagenung () ILSTU EDU>]

All,

For those of you using Cisco's CSA.

> Date: Fri, 12 Nov 2004 03:30:30 -0800 (PST)
> From: CCO Field Notice <cco-pat-bouncehandler () external cisco com>
> Subject: Cisco Security Advisory: Crafted Timed Attack Evades Cisco Security
>  Agent Protections
>
> Message Type : Security Advisory
>
> The product affected is currently NOT IN ANY PROFILE therefore a mass
> mailing to our entire mailing list is necessary.
>
>
> Title:   Cisco Security Advisory: Crafted Timed Attack Evades Cisco
> Security Agent Protections
>
> URL:
> http://www.cisco.com/en/US/customer/products/sw/secursw/ps5057/products_security_advisory09186a008034607c.shtml
>
>          (available to registered users)
>
> http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_security_advisory09186a008034607c.shtml#summary
>          (available to non-registered users)
>
> Posted: November 11, 2004
>
> Summary: Cisco Security Agent (CSA) provides threat protection for server
> and desktop computing systems,
> also known as endpoints.  It identifies and prevents malicious behavior,
> thereby eliminating known and unknown
> security risks.
>
> A vulnerability exists in which a properly timed buffer overflow attack
> may evade the protections offered by CSA.
> The system under attack must contain an unpatched underlying vulnerability
> in system software that CSA is configured
> to protect.  Another prerequisite for the attack is that a user must be
> interactively logged in during the attack.


Scott Genung
Manager of Networking Systems
Telecommunications and Networking
Illinois State University
124 Julian Hall
Normal, IL 61790-3500

Phone: (309)438-7258
Web: http://www.tel.ilstu.edu

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.