Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Multiple Security Products like UTMs, Firewalls, VPN Solutions found Vulnerable (paritynews.com)

hypnosec writes: Most of the security appliances in use today ranging from software based firewalls to Unified Threat Management (UTM) systems and email and web gateways are packed with serious security vulnerabilities it has been revealed. According to Ben Williams of NCC Group, security appliances sold by different vendors and used in production environments are based on Linux with outdated or old kernel versions that are vulnerable to some or other kind of exploits. Presenting the findings at the Black Hat Europe 2013 security conference, Williams revealed that on top of the not so properly maintained Linux, even the web applications that provide the front end aka GUI for the appliance are insecure. As detailed in his whitepaper some of the common vulnerabilities found in almost all products were inability to protect against brute-force password cracking attempts; cross-site scripting flaws; cross-site request forgery; command injection vulnerabilities and privilege escalation.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Multiple Security Products like UTMs, Firewalls, VPN Solutions found Vulnerable

Comments Filter:

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (9) Dammit, little-endian systems *are* more consistent!