Cisco warns of GSS DNS vulnerability
By Jim Duffy on Thu, 01/08/09 - 3:21pm.
Cisco is warning of a security hole in its Cisco Application Control Engine Global Site Selector (GSS) that could lead to a crash of the engine's DNS service. The crash could happen when processing specific DNS requests, according to Cisco in its security advisory. Cisco has published updates and workarounds to mitigate this vulnerability.
The Cisco GSS platform allows customers to leverage global content deployment across multiple distributed and mirrored data locations, optimizing site selection, improving DNS responsiveness, and ensuring data center availability, according to Cisco.
All versions of GSS system software prior to 3.0(1) are affected by this vulnerability. If the GSS is configured with the optional Cisco Network Registrar (CNR) software, the device is not vulnerable, according to the Cisco advisory.
More Cisco security advisories
More from Cisco Subnet:
* Cisco: Consumer business to be worth $10 billion in 5 years
* Three candidates pass Cisco's network design beta exam
* Billion-dollar financial fraud revealed within Satyam, a Cisco collaboration partner
* How I got sold on FCoE
* Job Prospects Better for CCxP than CCIE?
* VoIP is dead? - depends on what you define as VoIP
* Under the hood: Cisco unified communications
* Cisco News and Review podcast
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, training/book giveaways, and more.
- About The Cisco Connection
The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
Follow Jim Duffy on Twitter
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise