In association with heise online

11 February 2010, 11:15

Cisco closes critical holes in IronPort Appliances

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco warns of critical holes in its IronPort Encryption Appliances which allow attackers, without authentication, to remotely read out data as well as inject and execute arbitrary code. According to the vendor, all the holes are contained in the embedded web servers of these products. Two flaws in the administration interface and in the WebSafe servlet enable attackers to access files, while an unspecified flaw in the HTTPS server allows the execution of malicious code at escalated privilege levels.

The affected products are:

  • Cisco IronPort Encryption Appliance 6.5
  • Cisco IronPort Encryption Appliance 6.2
  • Cisco IronPort PostX MAP

Cisco say that the IronPort series C, M and S Appliances are not affected. The vendor has made updates and 6.5.2 available for the vulnerable products. As a workaround, users are advised to filter Appliance access or disable the HTTP invoker. The original advisory contains instructions for the latter.

See also:


    Print Version | Send by email | Permalink:

    • July's Community Calendar

    The H Open

    The H Security

    The H Developer

    The H Internet Toolkit