A recent announcement by Verizon Business concerning an expanded suite of protection “in the cloud” from denial-of-service-attacks is a great example of services that should be provided within the service providers’ networks – something that we’ve been advocating for years.
Of course, there’s nothing new about denial-of-service-attacks. These attacks, which started primarily as “TCP SYN” attacks, basically are designed to disable a site – or even an entire network – by using up critical network resources with bogus traffic of some form.
Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server.