Cisco confirms OpenSSL flaws


Cisco confirms OpenSSL flaws

Antony Savvas

Cisco Systems has issued a security advisory over the potential vulnerabilities in using the OpenSSL open-source data encryption software with some of its products.

The OpenSSL Project advised users of potential problems in October and Cisco has now confirmed which products are affected and when remedies to the problems will be available.

Users of most affected products will not be fully protected when using OpenSSL until spring 2006, according to the advisory.

The flaws in Cisco’s products potentially allow remote attackers to capture data and execute arbitrary code on users’ systems.

OpenSSL is an open-source version of secure sockets layer (SSL), which is used by browsers to protect data transmitted over the internet.

Cisco said six of its products were affected by the problem ranging from network management systems to wireless controllers.

The advisory is available here:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy