| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <20121107111105.cisco-sr-20121107-n1k@psirt.cisco.com> Date: Wed, 7 Nov 2012 11:11:56 -0500 From: Cisco Systems Product Security Incident Response Team <psirt@...co.com> To: bugtraq@...urityfocus.com Cc: psirt@...co.com Subject: Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Document ID: cisco-sr-20121107-n1k Revision 1.0 For Public Release 2012 November 7 16:00 UTC (GMT) - ---------------------------------------------------------------------- Cisco Response ============== The Cisco Product Security Incident Response Team (PSIRT) would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.2(1)SV1(5.2) with deployments that have Cisco Virtual Security Gateway (VSG) integration. This issue will manifest itself when administrators perform an in-service software upgrade to Software Release 4.2(1)SV1(5.2) from Software Release 4.2(1)SV1(5.1a) or earlier. After the software upgrade, a bug in Software Release 4.2(1)SV1(5.2) could cause all the virtual Ethernet ports on the Virtual Ethernet Modules (VEM) of the Cisco Nexus 1000V Series Switch to stay in No-Policy pass-through mode because a valid VSG license is not actively installed. As a result, the VEMs no longer use a configured Cisco VSG; therefore, the virtual machines (VM) are not firewalled and traffic is not inspected by the VSG. This software bug is documented in Cisco Bug ID CSCud01427 and a software bulletin for Software Release 4.2(1)SV1(5.2) is in the process of being published. Additional Information This response is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20121107-n1k -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlCahB0ACgkQUddfH3/BbTocEgD/ZAzdVLQZCcaLo41tATesEH9J 0O/Ijdnc8Fw7B3pBgrgBAI/6M8mWC/CJWGF6b6OkDhxu8aiNUUmZX645hWms9h8c =MMfv -----END PGP SIGNATURE-----
Powered by blists - more mailing lists