[<prev] [next>] [day] [month] [year] [list]
Message-id: <20120620122509.cisco-sa-20120620-ace@psirt.cisco.com>
Date: Wed, 20 Jun 2012 12:25:18 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: full-disclosure@...ts.grok.org.uk
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Cisco Application
Control Engine Administrator IP Address Overlap Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Application Control Engine Administrator IP Address Overlap Vulnerability
Advisory ID: cisco-sa-20120620-ace
Revision 1.0
For Public Release 2012 June 20 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
A vulnerability exists in Cisco Application Control Engine (ACE)
software. Administrative users may be logged into an unintended
context (virtual instance) on the ACE when running in multicontext
mode.
Cisco has released free software updates that address this
vulnerability. A workaround is available for this vulnerability.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iF4EAREIAAYFAk/hxbUACgkQQXnnBKKRMND+xAD+Kyl1XE7s35MmPSXKKRu8wCyv
p1kEyH7KVtiqj2gBAcYA/0j0LhJpa77zHF0ZpOJbDrNwT1ccWUDHdr8jjD/yv+aP
=UyTX
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists