[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Fri Jun 12 13:33:26 EDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products
Advisory ID: cisco-sa-20150612-openssl
Revision: 1.0
For Public Release 2015 June 12 16:00 UTC (GMT)
+------------------------------------------------------------------
Summary
On June 11, 2015, the OpenSSL Project released a security advisory
detailing six distinct vulnerabilities, and another fix that
provides hardening protections against exploits as described in the
Logjam research.
Multiple Cisco products incorporate a version of the OpenSSL package
affected by one or more vulnerabilities that could allow an
unauthenticated, remote attacker to cause a denial of service (DoS)
condition or corrupt portions of OpenSSL process memory.
This advisory will be updated as additional information becomes
available.
Cisco will release free software updates that address these
vulnerabilities.
Workarounds that mitigate these vulnerabilities may be available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
iQIVAwUBVXsWB4pI1I6i1Mx3AQKNfBAAlt7XWQOMZwZGoK7wOD89e4hDalLvm1M9
IGqYVEXoyh23K8ByyWhaa4dff+SyrcUon9l/NAs8YITZtQyjXCqDh5LVce/dPR0N
L89Dc6mjSkIW0mNvxyHZmbjEzzwzhTi3nEpJqPdhX+M3kgmVFM5N+QIfyvRgbm1T
oAETsg0QB/gte5roZYLTtxwXlhksNoRkhzaaE6cIqk2JOWjcdEdd6eCeCt0s0cct
4qhF7JzXy9gUWHBoVNHWykEUNN48KD/fG3szOKm0bA6hkuC6i47vy9N4n4i5NzB9
ZYYiT3L4Avam36ZFimOI9vcRzKtU5XNr1GKDTSAwqzDp3oBjaX/eC9iw9sG0Fy3t
prXgGqYaODkZM2/d3VCa0IYAP+pjqzMqcyah0kqOxaFvK5IE0K7a/tIsO8RsItzv
YcYD9bdNbEcK1QapkFtCbs4hRFFVixtBR1EOY24ftxR7F+AbYnbeoqkce5D4wm0U
8XViJaP1s+6Fe5JOLoF3nza8YUC0QjSkbWogDJmIXGL+Hzjy3TDSRUK0y2aq9urt
OsXIyogikNi1FKKG5DCG7XVVHX3I/04daYKEqmmsXmjE7oldlI+9aczucWAFX4cV
hqZzKk+Ey+7+Raf+gn5dOjwWDWgahV8ctUEWeCvMXALawDjRVdfY4kX4y74B/yp1
aWyDePGjyXQ=
=iEzF
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list