[106879] in North American Network Operators' Group
WebEx
daemon@ATHENA.MIT.EDU (Jon Kibler)
Fri Aug 15 09:56:11 2008
Date: Fri, 15 Aug 2008 09:55:51 -0400
From: Jon Kibler <Jon.Kibler@aset.com>
To: nanog@nanog.org
Reply-To: Jon.Kibler@aset.com
Errors-To: nanog-bounces@nanog.org
This is a multi-part message in MIME format...
------------=_1218808558-5749-683
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yesterday, Cisco announced a critical vulnerability in WebEx:
http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml
The interesting thing about this vulnerability is that you can clean up
all of your WebEx installs, but as soon as you create a session with a
WebEx server that has not been upgraded, you are once again vulnerable.
In other words, you are at the mercy of your WebEx presenter.
BTW, despite the fact that Cisco says exploits are available, there is
not the first mention of this vulnerability on the WebEx web site.
Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiliucACgkQUVxQRc85QlMpJgCgiCPz+nXKOFrVsWkI/7o0HnHI
OhAAnRVH6X9IU3+oc/TRnDrFOqAkadmo
=aulb
-----END PGP SIGNATURE-----
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
------------=_1218808558-5749-683--
