-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, This post is to confirm that the Cisco Systems PSIRT is actively researching into this issue. We will be providing a more thorough answer on Monday, August 22, 2005. Attached: a cleartext, PGP signed version of this same email. Thanks, Dario Quidquid latine dictum sit, altum viditur Dario Ciccarone CCIE #10395 Product Security Incident Response Team (PSIRT) Cisco Systems, Inc. dciccaro@xxxxxxxxx > -----Original Message----- > From: llhansen-bugtraq@xxxxxxxxx [mailto:llhansen-bugtraq@xxxxxxxxx] > Sent: Friday, August 19, 2005 12:30 PM > To: bugtraq@xxxxxxxxxxxxxxxxx > Subject: Cisco Clean Access Agent (Perfigo) bypass > > Description: > Cisco Clean Access is an easily deployed software solution > that can automatically detect, isolate, and clean infected or > vulnerable devices that attempt to access your network. It > identifies whether networked devices such as laptops, > personal digital assistants, even game consoles are compliant > with your network's security policies and repairs any > vulnerabilities before permitting access to the network. > > Vendor site: > http://www.cisco.com/en/US/products/ps6128/ > > Affected versions: > This works in at least 3.5.3.1 and 3.5.4. > > Discovery Date: > 2005-08-12 > > Report Date: > 2005-08-19 > > Severity: > Medium > > Vulnerability: > End users can bypass the "mandatory" installation of the > Clean Access Agent by changing the User-Agent string of their > browser. This allows them to connect to the network without > the host-based checks being run. If configured, remote checks > are still run. > -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBQwiIOYyVGB+6GuDwEQLARQCgx09VN4cCMHjtWnwcDCFwPI4p1+MAn2aV Ubhp/JALjzD4Y5GPHL7AdXE8 =GgR9 -----END PGP SIGNATURE-----
Attachment:
cisco-bugtraq-cca.txt.asc
Description: cisco-bugtraq-cca.txt.asc