Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Cisco has released an update which addresses a trio of vulnerabilities in its IronPort line of products.
The company said that the flaws affect versions 6.2 and 6.5 of the IronPort Encryption appliance as well as IronPort PostX MAP. The company said that the IronPort C, M and S appliances were not believed to be vulnerable.
Cisco reported that two of the flaws, if exploited, could allow an attacker to view sensitive system administration, while the third could allow an attacker to remotely execute code.
The first of the information disclosure flaws was found in the appliance's administration interface component, while the second vulernability was found in the WebSafe Servlet component.
The remote code execution vulnerability was found within the HTTPS server component. That vulnerability can be mitigated by restricting access to trusted IP addresses, the company said.
Administrators looking to obtain and install the fixes are advised to contact Cisco's IronPort technical support team.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.