US-CERT Warns of Cisco, Juniper Security Flaws

By Kara Reeder | Dec 3, 2009 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/us-cert-warns-cisco-juniper-security-flaws
The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about flaws in equipment from four companies -- Cisco, Juniper, SonicWall and SafeNet -- that hackers can exploit to break into corporate computer networks, reports Reuters.

The flaw lies in technology known as SSL VPN and if exploited, could allow hackers to gain broad access to corporate networks, steal confidential data, install malicious software or turn PCs into spam servers. US-CERT researchers have come up three "workarounds" that will minimize, but not eliminate, the risk of an attack.

According to the San Jose Business Journal, Juniper has known about the vulnerability for several years, but told users that workarounds reduce the risks so they don't need to worry about them.

Cisco is no stranger to security flaws. In September, Cisco patched a DoS vulnerability that affected multiple products.