| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <20120620122505.cisco-sa-20120620-ace@psirt.cisco.com> Date: Wed, 20 Jun 2012 12:25:18 -0400 From: Cisco Systems Product Security Incident Response Team <psirt@...co.com> To: bugtraq@...urityfocus.com Cc: psirt@...co.com Subject: Cisco Security Advisory: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Application Control Engine Administrator IP Address Overlap Vulnerability Advisory ID: cisco-sa-20120620-ace Revision 1.0 For Public Release 2012 June 20 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability exists in Cisco Application Control Engine (ACE) software. Administrative users may be logged into an unintended context (virtual instance) on the ACE when running in multicontext mode. Cisco has released free software updates that address this vulnerability. A workaround is available for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/hxbUACgkQQXnnBKKRMND+xAD+Kyl1XE7s35MmPSXKKRu8wCyv p1kEyH7KVtiqj2gBAcYA/0j0LhJpa77zHF0ZpOJbDrNwT1ccWUDHdr8jjD/yv+aP =UyTX -----END PGP SIGNATURE-----
Powered by blists - more mailing lists