Computer Security
[EN] securityvulns.ru no-pyccku


Cusci IronPort Encryption Appliance / PostX multiple security vulnerabilities
Published:18.01.2009
Source:
SecurityVulns ID:9601
Type:remote
Threat Level:
6/10
Description:Unauthorized access to encrypted messages, unauthorized access to administration interface.
Affected:CISCO : PostX 6.2
 CISCO : IronPort Encryption Appliance 6.3
 CISCO : IronPort Encryption Appliance 6.5
CVE:CVE-2009-0054 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.)
 CVE-2009-0053 (PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error.")
Original documentdocumentCISCO, Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities (18.01.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod