Detecting security flaws in Cisco firewall application

Picture 1 of Detecting security flaws in Cisco firewall application A security expert has just released a security flaw in Cisco's PIX firewall application that could be exploited to gain access to the enterprise network.

In the presentation at this year's Black Hat Conference on VoIP security, researcher Hendrik Scholz of Freenet Cityline GmbH revealed a technique to bypass Cisco's firewall application.

" Can open any port we want and access the internal network server remotely ," Scholz said. " Moreover, this technique can be done very easily. We discussed with Cisco how to fix this security error ."

Details of PIX security errors are not published.

Scholz also declined to comment on a technical issue of exploiting security flaws, only to know he is waiting for Cisco to fix the bug. All information will be revealed in the future.

Cisco spokesman John Noh confirmed that Cisco is conducting further research on the security flaw.

Hoang Dung