Cisco Systems has issued a security advisory over the potential vulnerabilities in using the OpenSSL open-source data encryption software with some of its products.
The OpenSSL Project advised users of potential problems in October and Cisco has now confirmed which products are affected and when remedies to the problems will be available.
Users of most affected products will not be fully protected when using OpenSSL until spring 2006, according to the advisory.
The flaws in Cisco’s products potentially allow remote attackers to capture data and execute arbitrary code on users’ systems.
OpenSSL is an open-source version of secure sockets layer (SSL), which is used by browsers to protect data transmitted over the internet.
Cisco said six of its products were affected by the problem ranging from network management systems to wireless controllers.
The advisory is available here: