News Stay informed about the latest enterprise technology news and product updates.

Multiple Cisco products among those clobbered by OpenSSL flaw

Cisco switches, routers and firewalls are vulnerable to attack due to a problem in OpenSSL that has other software vendors scrambling to cope.

Cisco switches, routers and firewalls are vulnerable to attack due to a problem in OpenSSL that has other software...

vendors scrambling to cope. Failure to deal with the problem can leave systems open to remote denial of service (DoS).

Multiple products with HTTPS servers running OpenSSL are vulnerable to a remote DoS attack. OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for security and cryptographic applications.

For more information

Click here for the Cisco advisory or here for the fix.

For information about other products affected by the flaw, see below:


Red Hat

By using a specially formed SSL/TLS handshake, a vulnerability in the do_change_cipher_spec function in OpenSSL (versions 0.9.6c through 0.9.6k, and 0.9.7a through 0.9.7c) can allow a remote attacker to force a null-pointer assignment that crashes or resets the hardware, causing a DoS.

The problem affects Cisco IOS, Cisco PIX, Cisco Firewall Services Module for the Cisco Catalyst, Cisco MDS Multilayer Switch, Cisco Content Service Switch, Cisco Global Site Selector, CiscoWorks Common Services, CiscoWorks Common Management Foundation and Cisco Access Registrar (see Cisco site for version details).

Devices that use Secure Shell (SSH) instead of OpenSSL for secure access aren't affected by this vulnerability.

Limited workarounds are possible, including restricting access to the HTTPS server and disabling the SSL server or service. Cisco has provided fixes for these problems.

Cisco isn't alone in dealing with the OpenSSL problem. Vendors including Debian, EnGarde, FreeBSD, Gentoo, Kerberos, Mandrake, Red Hat, Slackware and SuSE are all struggling to deal with the consequences of the OpenSSL problem.

Dig Deeper on Network Hardware

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.