back to article Java bug burns Borg

Cisco has asked users of its Secure Access Control System 5.5 or lower to implement an urgent patch, as it has spotted several problems with its RMI implementation. There are three independent bugs: one privilege escalation vuln (CVE ID CVE-2014-0649, here), an unauthenticated user access vulnerability (CVE 2014-0648 here), …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. xperroni
    Big Brother

    Resistance is quite effective, actually

    This must be the first time I hear Cisco being referred to as "the Borg". Have I been reading the wrong news all these years? It seems awfully late to call them that now, as the biggest customers start to cook their own kit and everyone else* settles for Huawei.

    * Except perhaps Americans, who have strong (not to mention government-enforced) opinions about getting their Chinese-built, spyware-ridden kit from true American(TM) companies. Go figure.

    2 0
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Resistance is quite effective, actually

      Quite - Surely Google is the One True Borg (tm)

      0 0
  2. Kevin McMurtrie Silver badge
    Facepalm

    I think I see the problem

    It could be that these vulnerabilities are CAUSED BY HAVING RMI ON A SECURITY SYSTEM. Seriously, why would you do that? That's like trying to create a safe and secure zone inside a forrest.

    1 0
  3. Alan Denman

    blame it on China ?

    when the US went their usual sly protectionist way and accused China of having backdoors the US meant 'it ain't got our backdoors'.

    1 0
This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021

Do not sell my personal information Cookies Privacy Ts&Cs