Although the now-notorious Heartbleed insect is being fixed by several companies on the internet site level, the OpenSSL data encryption flaw also affects an unknown quantity of networking hardware from companies including Cisco Systems.
Cisco published a bulletin on its website, warning that a few of its own marketing hardware and software, which includes hubs, Ethernet switches, access points, and more, is affected by the Heartbleed bug, a fault in the OpenSSL data security software used by many of the world’s websites. Though most of the components would not be seen in the average man’s home, the hardware that Cisco recognizes as susceptible is likely used by private companies, governments, and other organisations.
We inquired whether a web site that was patched would still be susceptible to Heartbleed when the business running the site continues to be utilizing Cisco equipment and/or services to keep it up and running, and reached out for comment to Cisco. Nigel Glennie, Senior Manager of Worldwide Business Communcations for Cisco, responded to our request for opinion, saying the listing of affected hardware and services “are maybe not likely to be the sort of merchandise which enable the exploitation of consumer information on a web site.” Read more.
Yet, that appears to run unlike Cisco’s own bulletin, which states that “Multiple Cisco products feature a version of the OpenSSL package affected with a vulnerability that may permit an unauthenticated, remote attacker to retrieve storage in chunks of 64 kilobytes from a connected client or host.” On top of that, the bulletin also says that “disclosed parts of storage can contain sensitive information which could include personal keys and passwords.” More about security problems .
Our website is currently awaiting clarification to the obvious discrepancy between the declaration and the published safety advisory of Cisco of Glennie. For anonymity issues also read this site about vpn software.
Here’s the listing of Cisco marketing components and services that is affected by the Heartbleed insect, according to the established message, as of the writing of the company. Cisco will continue to upgrade these lists, so always check back with this particular Security Advisory site regularly.