Cisco is urging users to update all applications and components that are vulnerable to a Java Secure Socket Extension (JSSE) flaw disclosed by Sun on July 10.
Some versions of Sun JSSE do not properly handle certain Transport Layer Security or Secure Sockets Layer handshake requests, a problem that could result in DoS attacks. Cisco products affected include Cisco Unified Call Manager and Cisco Unified Presence. There is no workaround for this issue, but mitigation is possible, according to a Cisco Security Response.
More Cisco Security Advisories
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
Advertisement: |
The Cisco Subnet blog is written by Network World managing editor Jim Duffy and is the official blog of Network World's Cisco Subnet community. The Cisco Subnet site is managed by Online Community Editor Julie Bort. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
The Leader in Network Knowledge
