Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: Cisco Security Advisory: Vulnerability In CryptoLibrary



> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx 
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf 
> Of Cisco Systems Product Security Incident Response Team
> Sent: Tuesday, May 22, 2007 6:58 PM
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Cc: psirt@xxxxxxxxx
> Subject: [Full-disclosure] Cisco Security Advisory: 
> Vulnerability In CryptoLibrary
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> Cisco Security Advisory: Vulnerability In Crypto Library
> 
> Advisory ID: cisco-sa-20070522-crypto.shtml
> 
> http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml
> 
> Revision 1.0
> 
> For Public Release 2007 May 22 1300 UTC (GMT)
> 
> - 
> --------------------------------------------------------------
> ----------------
> 
> Summary
> =======
> 
> A vulnerability has been discovered in a third party 
> cryptographic library
> which is used by a number of Cisco products. This vulnerability may be
> triggered when a malformed Abstract Syntax Notation One 
> (ASN.1) object is
> parsed. Due to the nature of the vulnerability it may be 
> possible, in some
> cases, to trigger this vulnerability without a valid 
> certificate or valid
> application-layer credentials (such as a valid username or password).
> 
> Successful repeated exploitation of any of these 
> vulnerabilities may lead to a
> sustained Denial-of-Service (DoS); however, vulnerabilities 
> are not known to
> compromise either the confidentiality or integrity of the 
> data or the device.
> These vulnerabilities are not believed to allow an attacker 
> will not be able to
> decrypt any previusly encrypted information.
> 
> The vulnerable cryptographic library is used in the following 
> Cisco products:
> 
>   * Cisco IOS
>   * Cisco IOS XR
>   * Cisco PIX and ASA Security Appliances
>   * Cisco Firewall Service Module (FWSM)
>   * Cisco Unified CallManager
> 
> This vulnerability is assigned CVE ID CVE-2006-3894. It is externally
> coordinated and is tracked by the following external coordinators:
> 
>   * JPCERT/CC - tracked as JVNVU#754281
>   * CPNI - tracked as NISCC-362917
>   * CERT/CC - tracked as VU#754281
> 
> Cisco has made free software available to address this 
> vulnerability for
> affected customers. There are no workarounds available to 
> mitigate the effects
> of the vulnerability.
> 
> This advisory is posted at 
> http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.
> 
> Note: Another related advisory is posted together with this Advisory.
> It also describes vulnerabilities related to cryptography that affect
> Cisco IOS. A combined software table for Cisco IOS only is 
> available at
> http://www.cisco.com 
> /warp/public/707/cisco-sa-20070522-cry-bundle.shtml
> and can be used to choose a software release which fixes all
> security vulnerabilities published as of May 22, 2007. The related 
> advisory is published at 
> http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml
> 
> Affected Products
> =================
> 
> Vulnerable Products
> +------------------
> 
> This vulnerability affects all products that use affected 
> versions of third
> party cryptographic libraries and enabled applications that are using
> crypto-related function. The following Cisco products are 
> identified to be
> vulnerable:
> 
>   * Cisco IOS
>   * Cisco IOS XR
>   * Cisco PIX and ASA Security Appliances (only 7.x releases 
> are affected)
>   * Cisco Firewall Service Module (FWSM), all releases prior 
> 2.3(5) and 3.1(6)
>     are affected
>   * Cisco Unified CallManager
> 
> The following text lists application layer protocols or 
> features that must be
> enabled in order for a device to be vulnerable. It is 
> sufficient that only one
> protocol or feature is enabled in order for a devices to be 
> vulnerable. In
> order to be not vulnerable, all of the listed application 
> protocols or features
> must be disabled.
> 
> Affected protocols in Cisco IOS
> +------------------------------
> 
> To determine the software running on a Cisco IOS product, log 
> in to the device
> and issue the "show version" command to display the system 
> banner. Cisco IOS
> software will identify itself as "Internetwork Operating 
> System Software" or
> simply "IOS." On the next line of output, the image name will 
> be displayed
> between parentheses, followed by "Version" and the Cisco IOS 
> release name.
> Other Cisco devices will not have the "show version" command, 
> or will give
> different output.
> 
> Only Cisco IOS images that contain the Crypto Feature Set are 
> vulnerable.
> Customers who are not running an IOS image with crypto 
> support are not exposed
> to this vulnerability.
> 
> Cisco IOS feature set naming indicates that IOS images with 
> crypto support have
> 'K8' or 'K9' in the feature designator field.
> 
> The following example shows output from a device running an 
> IOS image with
> crypto support:
> 
>     Router>show version
>     Cisco IOS Software, 7200 Software (C7200-IK9S-M), Version 
> 12.3(14)T1, RELEASE SOFTWARE (fc1)
>     Technical Support: http://www.cisco.com/techsupport
>     Copyright (c) 1986-2005 by Cisco Systems, Inc.
>     Compiled Thu 31-Mar-05 08:04 by yiyan
> 
> 
> Since the feature set designator (IK9S) contains 'K9', it can 
> be determine that
> this feature set contains crypto support.
> 
> Additional information about Cisco IOS release naming is 
> available at the
> following link: 
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/product
> s_white_paper09186a008018305e.shtml.
> 
> You are affected by this vulnerability if you are running one 
> of the vulnerable
> IOS software releases and have, at least one, of the 
> following protocols or
> features enabled:
> 
>   * Internet Security Association and Key Management Protocol (ISAKMP)
>   * In some IOS releases the Secure Socket Layer (SSL) may 
> also be affected
>   * Threat Information Distribution Protocol (TIDP)
>   * Cisco IOS SIP Gateway Signaling Support Over TLS (SIP-TLS)
>   * Extensible Authentication Protocol-Transport Layer 
> Security (EAP-TLS)
> 
> As some other protocols may use affected crypto library the 
> most accurate way
> to determine if your IOS release is vulnerable is to consult 
> fixed IOS releases
> table.
> 
> Internet Security Association and Key Management Protocol (ISAKMP)
> +-----------------------------------------------------------------
> 
> To determine if your device has ISAKMP enabled, enter the command 
> "show crypto isakmp policy". Below is an example of a device that has 
> ISAKMP enabled.
> 
>     Router#show crypto isakmp policy
> 
>     Global IKE policy
>     Protection suite of priority 1
>     <more output>
> 
> 
> If your output is like in the following example then you do 
> not have IKE
> enabled on your device.
> 
>     Router#show crypto isakmp policy
>     ISAKMP is turned off
> 
> 
> In Cisco IOS two features rely on ISAKMP - IPSec and Group Domain of
> Interpretation (GDOI). Presence of either of these features 
> is detected by the
> previous example.
> 
> Prior to IOS version 12.3(8)T, IKE was enabled by default, 
> with no crypto
> configuration needed for the IOS device to process IKE messages.
> 
> 12.2SXD versions of Cisco IOS have IKE enabled by default. To 
> ensure that IKE
> processing is disabled, enter the global configuration command 
> "no crypto isakmp enable".
> 
> As of IOS version 12.3(2)T (which includes all 12.4-based 
> versions), crypto
> configuration is required to enable IKE message processing.
> 
> In order for an IOS device to be vulnerable crypto map must 
> be explicilty
> configured and applied to an interface.
> 
> Secure Socket Layer (SSL)
> +------------------------
> 
> In some Cisco IOS software releases the vulnerable library is 
> used to process
> elements of SSL functionalities. SSL is used to protect 
> several application
> layer protocols like Hyper Text Transfer Protocol over SSL (HTTPS).
> 
> HTTPS is not the only protocol that may use SSL but it is the 
> most commonly
> known. In order to determine if your device has HTTPS 
> configured enter the
> command "show running | include secure". Below is an example 
> of a device 
> that has HTTPS enabled.
> 
>     router#show running | include secure-server
>     ip http secure-server
> 
> 
> Threat Information Distribution Protocol (TIDP)
> +----------------------------------------------
> 
> To determine if your device has TDIP enabled, enter the command 
> "show running-config | include parameter-map". Below is an 
> example of a 
> device that has TDIP enabled.
> 
>     router#show running | include parameter-map
>     parameter-map type tms TMS_PAR
> 
> 
> Cisco IOS SIP Gateway Signaling Support Over TLS (SIP-TLS)
> +---------------------------------------------------------
> 
> To determine if your device has SIP-TLS enabled, enter the command 
> "show running-config | include crypto signaling". Below is an 
> example of 
> a device that has SIP-TLS enabled.
> 
>     router#show running | include crypto signaling
>     crypto signaling default trustpoint user1
> 
> 
> Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)
> +--------------------------------------------------------------------
> 
> To determine if your device has EAP-TLS enabled, enter the command 
> "show running-config | include method". Below is an example 
> of a device 
> that has EAP-TLS enabled.
> 
>     Router#show running | include method
>     method tls
> 
> 
> Affected protocols in Cisco IOS XR
> +---------------------------------
> 
> You are affected by this vulnerability if you are running one 
> of the vulnerable
> Cisco IOS XR software releases and have, at least one, of the 
> following
> protocols or features enabled:
> 
>   * Internet Security Association and Key Management Protocol (ISAKMP)
>   * In some IOS XR releases the Secure Socket Layer (SSL) may 
> also be affected
>   * Secure Shell (SSH)
> 
> Internet Security Association and Key Management Protocol (ISAKMP)
> +-----------------------------------------------------------------
> 
> To determine if your device has ISAKMP enabled, enter the command 
> "show running-config | include isakmp". Below is an example 
> of a device 
> that has IKE enabled.
> 
>     Router#show running-config | include isakmp
>            crypto isakmp
>            crypto isakmp policy 1
>            crypto isakmp profile profile-a
> 
> 
> Secure Socket Layer (SSL)
> +------------------------
> 
> SSL is used to provide secure communications to the application layer
> protocols like Hyper Text Transfer Protocol over SSL (HTTPS) 
> and Object
> Request Brokers (ORB). To determine if your device has any service
> enabled that uses SSL, enter one of the following commands 
> "show running-config | include http server ssl" or 
> "show running-config | include xml agent corba ssl". Below is 
> an example 
> of a device that has both of the services enabled.
> 
>     Router#show running-config | include http server ssl
>            http server ssl
> 
>     Router#show running-config | include xml agent corba ssl
>            xml agent corba ssl
> 
> 
> Secure Shell (SSH)
> +-----------------
> 
> SSH is an application and a protocol that provides secure 
> replacement for the
> suite of Berkeley r-tools such as rsh, rlogin and rcp. It is 
> highly prefered
> over Telnet for interactive sessions. To determine if your 
> device has SSH
> enabled enter the command "show running-config | include ssh 
> server". Below 
> is an example of a device that has SSH enabled.
> 
>     Router#show running-config | include ssh server
>            ssh server
>            ssh server rate-limit 100
> 
> 
> Affected protocols in Cisco PIX and ASA Security Appliances
> +----------------------------------------------------------
> 
> You are affected by this vulnerability if you are running one 
> of the vulnerable
> Cisco PIX and ASA software releases and have, at least one, 
> of the following
> protocols or features enabled:
> 
>   * Secure Shell (SSH)
>   * Internet Security Association and Key Management Protocol (ISAKMP)
>   * Secure Socket Layer (SSL)
> 
> Secure Shell (SSH)
> +-----------------
> 
> To determine if a device has SSH enabled, enter the command 
> "show running" 
> and observe the output. If it contains the line as in the 
> following example 
> then SSH is enabled.
> 
>     PIX#show running
>     ....
>     ssh <host_IP_address> <host_netmask> <interface>
>     ....
> 
> 
> Internet Security Association and Key Management Protocol (ISAKMP)
> +-----------------------------------------------------------------
> 
> To determine if a device has ISAKMP enabled, enter the 
> command "show running" 
> and observe the output. If it contains the lines as in the following 
> example then ISAKMP is enabled.
> 
>     PIX#show running
>     ....
>     crypto isakmp policy 2
>      authentication rsa-sig
>     ....
> 
> 
> Secure Socket Layer (SSL)
> +------------------------
> 
> SSL is used to protect several application layer protocols 
> like Hyper Text
> Transfer Protocol over SSL (HTTPS) and Cisco Adaptive 
> Security Device Manager
> (ASDM) session.
> 
> To determine if a device has SSL enabled, enter the command 
> "show running" 
> and observe the output. If it contains the line as in the following 
> example then SSL is enabled.
> 
>     PIX#show running
>     ....
>     http server enable
>     ....
> 
> 
> Affected protocols in Cisco Unified CallManager
> +----------------------------------------------
> 
> You are affected by this vulnerability if you are running one 
> of the vulnerable
> Cisco Unified CallManager software releases and have, at 
> least one, of the
> following protocols or features enabled:
> 
>   * Certificate Authority Proxy Function (CAPF)
>   * Cisco TAPI Service Provider (Cisco Unified CallManager TSP)
> 
> Certificate Authority Proxy Function (CAPF)
> +------------------------------------------
> 
> CAPF is automatically installed with Cisco CallManager but is 
> disabled by
> default. In order to verify if CAPF is enabled on your 
> Unified CallManager do
> the following steps.
> 
>   * Step 1 - In Cisco CallManager Administration, choose 
> Service > Service
>     Parameter.
>   * Step 2 - If you are running 4.x software then do the 
> following: from the
>     Server drop-down list box, choose the publisher database 
> server. If you are
>     running 5.x software then do the following: From the 
> Server drop-down list
>     box, choose the first node.
>   * Step 3 - From the Service drop-down list box, choose the 
> Cisco Certificate
>     Authority Proxy Function service.
> 
> If you are given CAPF parameters then CAPF is running on your system.
> 
> Cisco TAPI Service Provider (Cisco Unified CallManager TSP)
> +----------------------------------------------------------
> 
> In order to determine if Cisco Unified CallManager TSP is 
> installed open
> Windows Control Panel (Start > Control Panel) and click on 
> Add/Remove Programs.
> If 'Cisco Unity-CM TSP' is listed then you have it installed 
> on your system.
> 
> Products Confirmed Not Vulnerable
> +--------------------------------
> 
> No other Cisco products are currently known to be affected by this
> vulnerability. Specifically, the following product's features 
> or products are
> known not to be affected:
> 
>   * Cisco IOS
>       + Secure Shell (SSH)
>       + Secure Copy (SCP)
>   * Cisco Unified Call Manager
>       + Hyper Text Transfer Protocol over SSL (HTTPS)
>       + Cisco Unified CallManager is configured for Secure 
> Survivable Remote
>         Site Telephony (SRST)
>   * MeetingPlace Express and MeetingPlace for Telepresence
>   * Cisco IP Communicator
>   * All Cisco Unified IP Phones 7900 Series
>   * CIP TN3270 Server
>   * Cisco GSS 4400 Series Global Site Selector Appliances
>   * Cisco CatOS
> 
> The list is not exhaustive.
> 
> Details
> =======
> 
> ASN.1 is defined by ITU-T (International Telecommunication Union -
> Telecommunication Standardization Sector) standards and it 
> describes, among
> other things, data structures for encoding values. The 
> vulnerability addressed
> by this advisory is related to the implementation of parsing 
> certain data
> structures and is not a vulnerability in the standard itself.
> 
> Protocols that use ASN.1 (e.g., voice over IP, Simple Network 
> Management
> Protocol and others), but do not rely on the vulnerable 
> crypto library, are not
> affected. This advisory only addresses an implementation 
> issue in a particular
> crypto library from a single vendor.
> 
> This vulnerability is present in the following Cisco products:
> 
>   * Cisco IOS, documented as Cisco bug ID CSCsd85587 
>   * Cisco IOS XR, documented as Cisco bug ID CSCsg41084 
>   * Cisco PIX and ASA Security Appliances, documented as Cisco bug ID
>     CSCse91999 
>   * Cisco Firewall Services Module (FWSM), documented as Cisco bug ID
>     CSCsi97695 
>   * Cisco Unified CallManager, documented as Cisco bug ID CSCsg44348 
> 
> Vulnerability Scoring Details
> +----------------------------
> 
> Cisco is providing scores for the vulnerabilities in this 
> advisory based on the
> Common Vulnerability Scoring System (CVSS).
> 
> Cisco will provide a base and temporal score. Customers can 
> then compute
> environmental scores to assist in determining the impact of 
> the vulnerability
> in individual networks.
> 
> Cisco PSIRT will set the bias in all cases to normal. 
> Customers are encouraged
> to apply the bias parameter when determining the 
> environmental impact of a
> particular vulnerability.
> 
> CVSS is a standards based scoring method that conveys 
> vulnerability severity
> and helps determine urgency and priority of response.
> 
> Cisco has provided an FAQ to answer additional questions 
> regarding CVSS at
> http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html.
> 
> Cisco has also provided a CVSS calculator to help compute
> the environmental impact for individual networks at
> http://intellishield.cisco.com/security/alertmanager/cvss.
> 
> Cisco Bug IDs:
> 
> CSCsd85587 - Router crashes when processing ISAKMP message
> 
> CVSS Base Score: 3.3
>     Access Vector: Remote
>     Access Complexity: Low
>     Authentication: Not Required
>     Confidentiality Impact: None
>     Integrity Impact: None
>     Availability Impact: Complete
>     Impact Bias: Normal
> 
> CVSS Temporal Score: 2.7
>     Exploitability: Functional
>     Remediation Level: Official Fix
>     Report Confidence: Confirmed
> 
> 
> CSCsg41084 - IOS XR crashes when processing ISAKMP message
> 
> CVSS Base Score: 3.3
>     Access Vector: Remote
>     Access Complexity: Low
>     Authentication: Not Required
>     Confidentiality Impact: None
>     Integrity Impact: None
>     Availability Impact: Complete
>     Impact Bias: Normal
> 
> CVSS Temporal Score: 2.7
>     Exploitability: Functional
>     Remediation Level: Official Fix
>     Report Confidence: Confirmed
> 
> CSCse91999 - PIX/ASA crashes when processing ISAKMP message
> 
> CVSS Base Score: 3.3
>     Access Vector: Remote
>     Access Complexity: Low
>     Authentication: Not Required
>     Confidentiality Impact: None
>     Integrity Impact: None
>     Availability Impact: Complete
>     Impact Bias: Normal
> 
> CVSS Temporal Score: 2.7
>     Exploitability: Functional
>     Remediation Level: Official Fix
>     Report Confidence: Confirmed
> 
> 
> CSCsg44348 - Unified CallManager crashes when processing 
> crypto message
> 
> CVSS Base Score: 3.3
>     Access Vector: Remote
>     Access Complexity: Low
>     Authentication: Not Required
>     Confidentiality Impact: None
>     Integrity Impact: None
>     Availability Impact: Complete
>     Impact Bias: Normal
> 
> CVSS Temporal Score: 2.7
>     Exploitability: Functional
>     Remediation Level: Official Fix
>     Report Confidence: Confirmed
> 
> 
> Impact
> ======
> 
> Successful exploitation of the vulnerability listed in this 
> advisory may result
> in the crash of a vulnerable device. Repeated exploitation 
> can result in a
> sustained DoS attack.
> 
> Software Versions and Fixes
> ===========================
> 
> When considering software upgrades, also consult
> http://www.cisco.com/go/psirt and any subsequent advisories 
> to determine
> exposure and a complete upgrade solution.
> 
> In all cases, customers should exercise caution to be certain the
> devices to be upgraded contain sufficient memory and that current
> hardware and software configurations will continue to be supported
> properly by the new release. If the information is not clear, contact
> the Cisco Technical Assistance Center ("TAC") or your contracted
> maintenance provider for assistance.
> 
> Each row of the Cisco IOS software table (below) describes a release
> train. If a given release train is vulnerable, then the earliest
> possible releases that contain the fix (the "First Fixed Release")
> and the anticipated date of availability for each are listed in the
> "Rebuild" and "Maintenance" columns. A device running a release in the
> given train that is earlier than the release in a specific 
> column (less
> than the First Fixed Release) is known to be vulnerable. The release
> should be upgraded at least to the indicated release or a 
> later version
> (greater than or equal to the First Fixed Release label).
> 
> For more information on the terms "Rebuild" and 
> "Maintenance," consult the 
> following URL:
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/product
> s_white_paper09186a008018305e.shtml
> 
> Cisco IOS
> +--------
> 
> Fixed Cisco IOS software releases are listed in the table below.
> 
> +-------------------------------------------------------------
> ----------------+
> |        Major Release         |      Availability of 
> Repaired Releases       |
> |------------------------------+------------------------------
> ----------------|
> | Affected 12.2-Based Release  | Rebuild             | 
> Maintenance            |
> |------------------------------+------------------------------
> ----------------|
> | 12.2B                        | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2BC                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2BZ                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2CX                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2CZ                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2EW                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2EWA                      | 12.2(25)EWA9        |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2EX                       | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2EY                       | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2EZ                       | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2FX                       | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2FY                       | Vulnerable; migrate to 
> 12.2(35)SE2 or later  |
> |------------------------------+------------------------------
> ----------------|
> | 12.2FZ                       | Vulnerable; migrate to 
> 12.2(35)SE2 or later  |
> |------------------------------+------------------------------
> ----------------|
> | 12.2IXA                      | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2IXB                      | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2IXC                      | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2JA                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2JK                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SB                       | 12.2(31)SB3         |        
>                 |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.2SE                       | 12.2(35)SE2         |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEA                      | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEB                      | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEC                      | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SED                      | Vulnerable; migrate to 
> 12.2(25)SEE3 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEE                      | 12.2(25)SEE3        |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEF                      | Vulnerable; migrate to 
> 12.2(35)SE2 or later  |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SEG                      | Vulnerable; migrate to 
> 12.2(35)SE2 or later  |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SG                       |                     | 
> 12.2(37)SG             |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.2SGA                      | 12.2(31)SGA1        |        
>                 |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.2SRA                      | 12.2(33)SRA3        |        
>                 |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.2SRB                      |                     | 
> 12.2(33)SRB            |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SXD                      | Vulnerable; migrate to 
> 12.2(18)SXF8 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SXE                      | Vulnerable; migrate to 
> 12.2(18)SXF8 or later |
> |------------------------------+------------------------------
> ----------------|
> | 12.2SXF                      | 12.2(18)SXF8        |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2T                        | Vulnerable; migrate to 
> 12.3(22) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2XR                       | Vulnerable; migrate to 
> 12.3(22) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2YU                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2YV                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZD                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZE                       | Vulnerable; migrate to 
> 12.3(22) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZF                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZG                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZH                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZJ                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZL                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZU                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.2ZW                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | Affected 12.3-Based Release  | Rebuild             | 
> Maintenance            |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.3                         |                     | 
> 12.3(22)               |
> |------------------------------+------------------------------
> ----------------|
> | 12.3B                        | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3BC                       | 12.3(17b)BC6        |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3JA                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3JEA                      | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3JK                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3JL                       | 12.3(2)JL1          |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3JX                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3T                        | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3TPC                      | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XA                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XB                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XC                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XD                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XE                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XF                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XG                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XH                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XI                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XJ                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XK                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XQ                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XR                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XS                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XU                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XW                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3XX                       | Vulnerable; migrate to 
> 12.4(10) or later     |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YA                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YD                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YF                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YG                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YH                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YI                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YK                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YQ                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YS                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YT                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YU                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YX                       | 12.3(14)YX7         |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.3YZ                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | Affected 12.4-Based Release  | Rebuild             | 
> Maintenance            |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.4                         | 12.4(7d)            | 
> 12.4(10)               |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.4SW                       | 12.4(11)SW1         |        
>                 |
> |------------------------------+---------------------+--------
> ----------------|
> |                              | 12.4(6)T7           |        
>                 |
> |                              
> |---------------------+------------------------|
> | 12.4T                        | 12.4(9)T3           |        
>                 |
> |                              
> |---------------------+------------------------|
> |                              | 12.4(11)T1          |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XA                       | Vulnerable; migrate to 
> 12.4(6)T7 or later    |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XB                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XC                       | 12.4(4)XC6          |        
>                 |
> |------------------------------+---------------------+--------
> ----------------|
> | 12.4XD                       | 12.4(4)XD6          |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XE                       | Vulnerable; contact TAC      
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XJ                       | 12.4(11)XJ2         |        
>                 |
> |------------------------------+------------------------------
> ----------------|
> | 12.4XP                       | Vulnerable; contact TAC      
>                 |
> +-------------------------------------------------------------
> ----------------+
> 
> Cisco IOS XR
> +-----------
> 
> The following table lists fixed Cisco IOS XR software.
> 
> +-------------------------------------------------------------
> --------+
> |    Cisco IOS XR     |     SMU ID      |          SMU Name   
>         |
> |       Version       |                 |                     
>         |
> |---------------------+-----------------+---------------------
> --------|
> | 3.2.3               | AA01802         | 
> hfr-k9sec-3.2.3.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.2.4               | AA01801         | 
> hfr-k9sec-3.2.4.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.2.6               | AA01800         | 
> hfr-k9sec-3.2.6.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.0               | AA01799,        | 
> hfr-k9sec-3.3.0.CSCsg41084  |
> |                     | AA01780         |                     
>         |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.0               | AA01780         | 
> c12k-k9sec-3.3.0.CSCsg41084 |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.1               | AA01781         | 
> c12k-k9sec-3.3.1.CSCsg41084 |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.1               | AA01798         | 
> hfr-k9sec-3.3.1.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.2               | AA01797         | 
> hfr-k9sec-3.3.2.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.3               | AA01796         | 
> hfr-k9sec-3.3.3.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.3.3               | AA01785         | 
> c12k-k9sec-3.3.3.CSCsg41084 |
> |---------------------+-----------------+---------------------
> --------|
> | 3.4.0               | AA01782         | 
> c12k-k9sec-3.4.0.CSCsg41084 |
> |---------------------+-----------------+---------------------
> --------|
> | 3.4.0               | AA01795         | 
> hfr-k9sec-3.4.0.CSCsg41084  |
> |---------------------+-----------------+---------------------
> --------|
> | 3.4.1               | AA01783         | 
> c12k-k9sec-3.4.1.CSCsg41084 |
> |---------------------+-----------------+---------------------
> --------|
> | 3.4.1               | AA01794         | 
> hfr-k9sec-3.4.1.CSCsg41084  |
> +-------------------------------------------------------------
> --------+
> 
> IOS XR Package Installation Envelopes (PIE) can be downloaded 
> from File 
> Exchange at:
> https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=IOS-XR 
> Installation instructions are included in the accompanying .txt files.
> 
> Cisco PIX and ASA Security Appliance
> +-----------------------------------
> 
> This vulnerability is fixed in the following 7.x software 
> releases: 7.0(6.7),
> 7.1(2.27), 7.2(1.22), 7.2(2). All 8.x software releases do 
> contain the fixed
> library and are not affected. No 6.x software releases are 
> affected by this
> vulnerability.
> 
> Cisco Firewall Service Module (FWSM)
> +-----------------------------------
> 
> This vulnerability is fixed in the following software releases:
> 
>   * 2.3(5) maintenance release, expected in 2007-June
>   * 3.1(6) maintenance release, expected in 2007-June
> 
> Cisco Unified CallManager
> +------------------------
> 
> This vulnerability is fixed in the following software releases.
> 
>   * 4.0(x) releases are vulnerable but no fix will be 
> provided. Customers are
>     advised to upgrade to the fixed 4.1 or 4.2 software.
>   * 4.1(3)sr.5 expected in 2007-May-24
>   * 4.2(3)sr.2 expected in 2007-May
>   * 4.3(1)sr.1 expected 2007-Jun
>   * 5.0(4) - no fixed software planned, users should upgrade to 5.1(2)
>   * 5.1(1) - no fixed software planned, users should upgrade to 5.1(2)
>   * 5.1(2)
> 
> Workarounds
> ===========
> 
> The only way to prevent a device being susceptible to the listed
> vulnerabilities is to disable the affected service(s). 
> However, if regular
> maintenance and operation of the device relies on these 
> services then there is
> no workaround.
> 
> It is possible to mitigate these vulnerabilities by preventing
> unauthorized hosts to access the affected devices. Additional 
> mitigations 
> that can be deployed on Cisco devices within the network are 
> available 
> in the Cisco Applied Intelligence companion document for this 
> advisory:
> 
> http://www.cisco.com/warp/ public/707/cisco-air-20070522-crypto.shtml
> 
> Control Plane Policing (CoPP)
> +----------------------------
> 
> Control Plane Policing: IOS software versions that support 
> Control Plane
> Policing (CoPP) can be configured to help protect the device 
> from attacks that
> target the management and control planes. CoPP is available 
> in Cisco IOS
> release trains 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T.
> 
> In the CoPP example below, the ACL entries that match the 
> exploit packets with
> the permit action will be discarded by the policy-map drop 
> function, while
> packets that match a deny action (not shown) are not affected 
> by the policy-map
> drop function.
> 
>     !-- Include deny statements up front for any 
> protocols/ports/IP addresses that
>     !-- should not be impacted by CoPP
>     !-- Include permit statements for the protocols/ports 
> that will be governed by CoPP
>     !-- port 443 - HTTPS
>     access-list 100 permit tcp any any eq 443
>     !-- port 500 - IKE
>     access-list 100 permit udp any any eq 500
>     !-- port 848 - GDOI
>     access-list 100 permit tcp any any eq 848
>     !-- port 5060 - SIP-TLS
>     access-list 100 permit tcp any any eq 5060
>     !-- port 5354 - TIDP
>     access-list 100 permit tcp any any eq 5354
> 
>     !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 
> and Layer4
>     !-- traffic in accordance with existing security policies and
>     !-- configurations for traffic that is authorized to be sent
>     !-- to infrastructure devices.
>     !
>     !-- Create a Class-Map for traffic to be policed by
>     !-- the CoPP feature.
>     !
>     class-map match-all Drop-Known-Undesirable
>      match access-group 100
> 
>     !
>     !-- Create a Policy-Map that will be applied to the
>     !-- Control-Plane of the device.
>     !
>     policy-map CoPP-Input-Policy
>      class Drop-Known-Undesirable
>       drop
> 
>     !-- Apply the Policy-Map to the Control-Plane of the
>     !-- device.
>     !
>     control-plane
>      service-policy input CoPP-Input-Policy
> 
> 
> Please note that in the 12.0S, 12.2S, and 12.2SX Cisco IOS trains, the
> policy-map syntax is different:
> 
>     policy-map CoPP-Input-Policy
>      class Drop-Known-Undesirable
>      police 32000 1500 1500 conform-action drop exceed-action drop
> 
> 
> NOTE: In the above CoPP example, the ACL entries with the 
> "permit" action that
> match the exploit packets result in the discarding of those 
> packets by the
> policy-map drop function, while packets that match the "deny" 
> action are not
> affected by the policy-map drop function.
> 
> Additional information on the configuration and use of the CoPP
> feature can be found at 
> http://www.cisco.com/en/US/products/ps6642/products_white_pape
> r0900aecd804fa16a.shtml
> and 
> http://www.cisco.com/en/US/products/sw/iosswrel/ps1838/product
> s_feature_guide09186a008052446b.html
> 
> 
> Access Control List (ACL)
> +------------------------
> 
> Access control lists can be used to help mitigate attacks 
> that may try to
> exploit these vulnerabilities. This is done in a way that 
> only packets from the
> legitimate sources are allowed to reach the device and all 
> others are dropped.
> 
>     access-list 101 permit tcp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 443
>     access-list 101 permit udp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 500
>     access-list 101 permit tcp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 506
>     access-list 101 permit tcp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 4848
>     access-list 101 permit tcp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 5060
>     access-list 101 permit tcp host 
> <legitimate_host_IP_address> host <router_IP_address> eq 5354
>     access-list 101 deny tcp any any eq 443
>     access-list 101 deny udp any any eq 500
>     access-list 101 deny tcp any any eq 506
>     access-list 101 deny udp any any eq 4848
>     access-list 101 deny tcp any any eq 5060
>     access-list 101 deny tcp any any eq 5354
> 
> 
> Obtaining Fixed Software
> ========================
> 
> Cisco has made free software available to address this 
> vulnerability for
> affected customers. Prior to deploying software, customers 
> should consult their
> maintenance provider or check the software for feature set 
> compatibility and
> known issues specific to their environment.
> 
> Customers may only install and expect support for the feature
> sets they have purchased. By installing, downloading, accessing
> or otherwise using such software upgrades, customers agree to be
> bound by the terms of Cisco's software license terms found at
> http://www.cisco.com/public/sw-license-agreement.html, or as otherwise
> set forth at Cisco.com Downloads at
> http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
> 
> Do not contact either "psirt@xxxxxxxxx" or 
> "security-alert@xxxxxxxxx" for
> software upgrades.
> 
> Customers with Service Contracts
> +-------------------------------
> 
> Customers with contracts should obtain upgraded software 
> through their regular
> update channels. For most customers, this means that upgrades 
> should be
> obtained through the Software Center on Cisco's worldwide website at 
> http://www.cisco.com.
> 
> Customers using Third-party Support Organizations
> +------------------------------------------------
> 
> Customers whose Cisco products are provided or maintained 
> through prior or
> existing agreement with third-party support organizations 
> such as Cisco
> Partners, authorized resellers, or service providers should 
> contact that
> support organization for guidance and assistance with the 
> appropriate course of
> action in regards to this advisory.
> 
> The effectiveness of any workaround or fix is dependent on 
> specific customer
> situations such as product mix, network topology, traffic 
> behavior, and
> organizational mission. Due to the variety of affected 
> products and releases,
> customers should consult with their service provider or 
> support organization to
> ensure any applied workaround or fix is the most appropriate 
> for use in the
> intended network before it is deployed.
> 
> Customers without Service Contracts
> +----------------------------------
> 
> Customers who purchase direct from Cisco but who do not hold 
> a Cisco service
> contract and customers who purchase through third-party 
> vendors but are
> unsuccessful at obtaining fixed software through their point 
> of sale should get
> their upgrades by contacting the Cisco Technical Assistance 
> Center (TAC). TAC
> contacts are as follows.
> 
>   * +1 800 553 2447 (toll free from within North America)
>   * +1 408 526 7209 (toll call from anywhere in the world)
>   * e-mail: tac@xxxxxxxxx
> 
> Have your product serial number available and give the URL of 
> this notice as
> evidence of your entitlement to a free upgrade. Free upgrades 
> for non-contract
> customers must be requested through the TAC.
> 
> Refer to 
> http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for
> additional TAC contact information, including special 
> localized telephone
> numbers and instructions and e-mail addresses for use in 
> various languages.
> 
> Exploitation and Public Announcements
> =====================================
> 
> The Cisco PSIRT is not aware of any public announcements or 
> malicious use of
> the vulnerability described in this Advisory.
> 
> This vulnerability was discovered by Cisco during internal testing.
> 
> Status of This Notice: Interim
> ==============================
> 
> THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT 
> IMPLY ANY KIND OF
> GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF 
> MERCHANTABILITY OR FITNESS
> FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE 
> DOCUMENT OR MATERIALS
> LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES 
> THE RIGHT TO
> CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO 
> UPDATE THIS
> DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
> 
> A stand-alone copy or Paraphrase of the text of this document 
> that omits the
> distribution URL in the following section is an uncontrolled 
> copy, and may lack
> important information or contain factual errors.
> 
> Distribution
> ============
> 
> This advisory is posted on Cisco's worldwide website at 
> http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml.
> 
> In addition to worldwide web posting, a text version of this notice is
> clear-signed with the Cisco PSIRT PGP key and is posted to 
> the following e-mail
> and Usenet news recipients.
> 
>   * cust-security-announce@xxxxxxxxx
>   * first-teams@xxxxxxxxx
>   * bugtraq@xxxxxxxxxxxxxxxxx
>   * vulnwatch@xxxxxxxxxxxxx
>   * cisco@xxxxxxxxxxxxxxxxx
>   * cisco-nsp@xxxxxxxxxxxxxxx
>   * full-disclosure@xxxxxxxxxxxxxxxxx
>   * comp.dcom.sys.cisco@xxxxxxxxxxxxxxxxxx
> 
> Future updates of this advisory, if any, will be placed on 
> Cisco's worldwide
> website, but may or may not be actively announced on mailing lists or
> newsgroups. Users concerned about this problem are encouraged 
> to check the
> above URL for any updates.
> 
> Revision History
> ================
> 
> +-------------------------------------------------------------
> --------+
> | Revision 1.0     | 2007-May-22     | Initial public 
> release.        |
> +-------------------------------------------------------------
> --------+
> 
> Cisco Security Procedures
> =========================
> 
> Complete information on reporting security vulnerabilities in 
> Cisco products,
> obtaining assistance with security incidents, and registering 
> to receive
> security information from Cisco, is available on Cisco's 
> worldwide website at
> http://www.cisco.com/en/US/products/products_security_vulnerab
> ility_policy.html
> This includes instructions for press inquiries regarding 
> Cisco security
> notices. All Cisco security advisories are available at 
> http://www.cisco.com/go/psirt.
> 
> - 
> --------------------------------------------------------------
> -----------------
> All contents are Copyright 2006-2007 Cisco Systems, Inc. All 
> rights reserved.
> - 
> --------------------------------------------------------------
> -----------------
> 
> Updated: May 22, 2007                                        
> Document ID: 91890
> 
> - 
> --------------------------------------------------------------
> -----------------
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (GNU/Linux)
> 
> iD8DBQFGUv7c8NUAbBmDaxQRAse8AJ9YwxPEprfhiJNzLVTLMXsTnTuWSwCghmmF
> qlrKeNA331DvYso6f2C5mRk=
> =dfTU
> -----END PGP SIGNATURE-----
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 



 




Copyright © Lexa Software, 1996-2009.