123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Cisco Issues Security Advisory To Warn Against Vulnerabilities In Content Service Gateway

Profile Picture
By Author: Peter Martin
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Recently, security researchers at Cisco disclosed security flaws in its second generation content service gateway (CSG2). Content service gateways are used by organizations to offer access to content on their sites at a price. The gateway analyses the data traffic and allows organizations to bill the customers for the content offered. CSG 2 runs on Service and Application Module for IP (SAMI). One of the vulnerabilities has been identified as a service policy bypass vulnerability, which allows an attacker to circumvent billing polices and gain unauthorized access to restricted content. The vulnerability allows customers of an organization to gain access to sites with similar billing policy without being charged. The security flaw also allows customers to gain access to sites, which are generally configured to restrict access.

The affected CISCO IOS Software include 12.4 (11)MD, 12.4(15)MD, 12.4(22)MD and versions released prior to 12.4(24)MD 3, 12.4(22)MDA 5 and 12.4(24)MDA 3 on CSG2.

Content service gateways allow organizations to earn for the content offered on their websites. and restrict improper use of ...
... content by third parties. The gateways prevent other service providers from taking undue benefit of content available on an organizations website.

Security researchers at Cisco have also identified two vulnerabilities in Cisco IOS Software 12.4(24)MD1 for CSG2. The identified vulnerabilities may cause denial-of-service condition on CSG 2. Attackers may use well-crafted Transmission Control Protocol (TCP) packets to gain unauthorized access and cause denial of service stopping the traffic flow to CSG2. The vulnerability requires only one active service content to be active to be exploited by the attackers. The vulnerabilities affect IOS Software 12.4(24)MD1 for the second generation content service gateway. The vulnerability may cause the gateway to reload or stuck denying services.

Usually, ethical hackers help developers in identifying vulnerabilities prior to individuals with malicious intent to prevent their exploitation. Cisco is yet to issue any patch for the vulnerabilities.

Developers are faced with the constant challenge of developing secured products. Attackers on the other hand constantly endeavor to breach security mechanisms. Online training programs enable self paced learning and skill enhancement facility to product developers without disrupting their work obligations.

Information security training may help employees of an organization to understand the relevant security threats, gain insights on the likely implications, understand the first response procedures and ensure timely reporting of vulnerabilities.

Total Views: 306Word Count: 387See All articles From Author

Add Comment

Computers Articles

1. 6 Benefits Of Bespoke Software Development
Author: goodcoders

2. Understanding 10 Most Important Computer Cables And Their Uses
Author: SF Cable

3. Rca And 14 To Rca Cable An Overview
Author: SF Cable

4. Restaurant Pos Software
Author: sidharthh

5. Iec 320 C14 Vs C13 Power Cords - Which Is The Right Pick For You?
Author: SF Cable

6. Industrial Power Cord Solutions: Sjt Heavy-duty Cords
Author: SF Cable

7. Leveraging Social Media In Student Recruitment: What Works And Why
Author: Brenda Joyce

8. The Benefits And Challenges Of Implementing A B2b Loyalty Program
Author: Archi

9. How To Connect Indoor Cameras With Monitoring Systems?
Author: SF Cable

10. How To Connect Multiple Devices To A Shared Printer?
Author: SF Cable

11. Nema 5-20 Extension Cords - Maximize Your Computer's Power Potential
Author: SF Cable

12. Best Microfinance Software In Lucknow
Author: SigmaIT Software Designers Pvt. Ltd.

13. The Ultimate Guide To Building Your Own Food Delivery App
Author: Elite_m_commerce

14. The World In 2030: Top 10 Future Technologies
Author: Matthew brain

15. 5–step Proven Process For Successful Software Project Outsourcing
Author: goodcoders

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: