[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability
From:       "Eloy A. Paris" <elparis () cisco ! com>
Date:       2005-12-30 20:28:21
Message-ID: 20051230202821.GK2382 () pumpin
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Response
==============

This is the Cisco Product Security Incident Response Team (PSIRT)'s
response to the statements made by Oleg Tipisov in his message with
subject "Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
posted to Bugtraq on 2005-Dec-21. An archived version of this message
can be found here:

http://www.securityfocus.com/archive/1/420020

Cisco confirms the statements made by Mr. Tipisov, and has published a
Field Notice to document the vulnerability and provide solutions and
workarounds.

The Field Notice can be found at the following location:

Field Notice: FN - 61965 - CS ACS for Windows Downloadable IP Access
Control List Vulnerability

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml

We greatly appreciate the opportunity to work with researchers on
security vulnerabilities, and welcome the opportunity to review and
assist in product reports.

Best regards,

- -- 

Eloy Paris
Product Security Incident Response Team (PSIRT)
Cisco Systems, Inc.
Ph: +1 919 392-9118
Cell: +1 919 349-2990
Pager: (888) 347-7178

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDtZhkagjTfAtNY9gRAqhTAKCZ2HRGCLXu86ng/jJa3uaynVNQTACglVDA
JuYN8eOPy9HdQct1yR86GWY=
=swKK
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]