cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1724
Views
0
Helpful
4
Replies

TLS Protocol Session Renegotiation Security Vulnerability

chally.dean
Level 1
Level 1

Has anyone out there been trying to figure out a way to deal with this TLS vulnerability?

An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml

4 Replies 4

joe_ironport
Level 1
Level 1

Can anyone from Cisco comment on whether or not the ESAs are affected by this vulnerability? If so should we expect a new build of ASYNC and when?

steven_geerts
Level 1
Level 1

As far as I know Ironport supported TLS far before the Cisco take-over.

since the link is broken I can not read the Cisco advisory but i can imagine the Ironport product family is not involved in this issue.

Steven

chally.dean
Level 1
Level 1

I have updated the link.

This is a TLS/SSL vulnerability that is industry wide. it is a problem with the protocols themselves not the implementation. I am certain that it affects IronPort and have word that they are working on it.

I was hoping someone from IronPort would jump in and let us know what was going on, and when we would expect to see an update for the AsynchOS.

Thierry ZOLLER does a good job of explaining the issue at the below link.
http://www.g-sec.lu/practicaltls.pdf

kyerramr
Level 1
Level 1

As pointed out, this is a vulnerability in the protocol design itself and not with the implementation.

Cisco IronPort is actively investigating and more information will be posted on the Cisco advisory page http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml

Best
Kishore

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: