Cisco PIX Firewall Hole Found
A newly discovered vulnerability in the software that manages one of the most widely used firewalls on the Internet could enable an attacker to gain full access to the network the firewall protects.A newly discovered vulnerability in the software that manages one of the most widely deployed firewalls on the Internet could enable an attacker to gain full access to the firewall, and by extension, the network it protects. Some versions of Cisco Systems Inc.s PIX Firewall Manager, or PFM, software save the enable password in cleartext in a log file created during installation. The PFM is typically installed on a Windows NT workstation or server that is used as the management station for the PIX firewall device. The log file containing the password has no access restrictions by default, so if the management station is compromised, the password can be recovered, according to an advisory released by Novacoast International Inc., the network design and security company that discovered the vulnerability.
However, in order to exploit this vulnerability, an attacker must first have access to the management station, which is typically inside the firewall.