Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Response
==============
This is the Cisco Product Security Incident Response Team (PSIRT)'s
response to the statements made by Oleg Tipisov in his message with
subject "Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
posted to Bugtraq on 2005-Dec-21. An archived version of this message
can be found here:
http://www.securityfocus.com/archive/1/420020
Cisco confirms the statements made by Mr. Tipisov, and has published a
Field Notice to document the vulnerability and provide solutions and
workarounds.
The Field Notice can be found at the following location:
Field Notice: FN - 61965 - CS ACS for Windows Downloadable IP Access
Control List Vulnerability
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml
We greatly appreciate the opportunity to work with researchers on
security vulnerabilities, and welcome the opportunity to review and
assist in product reports.
Best regards,
- --
Eloy Paris
Product Security Incident Response Team (PSIRT)
Cisco Systems, Inc.
Ph: +1 919 392-9118
Cell: +1 919 349-2990
Pager: (888) 347-7178
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDtZhkagjTfAtNY9gRAqhTAKCZ2HRGCLXu86ng/jJa3uaynVNQTACglVDA
JuYN8eOPy9HdQct1yR86GWY=
=swKK
-----END PGP SIGNATURE-----