[cisco-voip] DRS Backup Decrypter - Decrypt Failure After Patching

Pete Brown jpb at chykn.com
Fri Apr 15 16:42:11 EDT 2016


Looks like the party is going to be over for decrypting backup sets without requiring the cluster security password...


https://quickview.cloudapps.cisco.com/quickview/bug/CSCuv8592<https://quickview.cloudapps.cisco.com/quickview/bug/CSCuv85926>


All encrypted DRS backup sets until now have contained a plaintext copy of the randomly generated backup key.  It lists the known affected releases as 10.5(2.12901.1), but this goes all the way from 8.0 to 11.5 and affects CUCM,  UCON and UCCX.  This is how the decrypter has been able to decrypt backup sets without the cluster security password.


Once this is patched, you may no longer be able to decrypt backups even if you type in the correct password.  If you run into this, please let me know and I'll work on an update.


Thanks,

Pete
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20160415/422f22f6/attachment.html>


More information about the cisco-voip mailing list