Vulnerability In Crypto Library
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability has been discovered in a third party cryptographiclibrary which is used by a number of Cisco products. This vulnerability may betriggered when a malformed Abstract Syntax Notation One (ASN.1) object isparsed. Due to the nature of the vulnerability it may be possible, in somecases, to trigger this vulnerability without a valid certificate or validapplication-layer credentials (such as a valid username or password). Successful repeated exploitation of any of these vulnerabilities
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-crypto?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Vulnerability%20In%20Crypto%20Library&vs_k=1 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2006-3894 and VU#754281. |