-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is the Cisco Product Security Incident Response Team (PSIRT)'s response to the statements made by Oleg Tipisov in his message with subject "Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", posted to Bugtraq on 2005-Dec-21. An archived version of this message can be found here: http://www.securityfocus.com/archive/1/420020 Cisco confirms the statements made by Mr. Tipisov, and has published a Field Notice to document the vulnerability and provide solutions and workarounds. The Field Notice can be found at the following location: Field Notice: FN - 61965 - CS ACS for Windows Downloadable IP Access Control List Vulnerability http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml We greatly appreciate the opportunity to work with researchers on security vulnerabilities, and welcome the opportunity to review and assist in product reports. Best regards, - -- Eloy Paris Product Security Incident Response Team (PSIRT) Cisco Systems, Inc. Ph: +1 919 392-9118 Cell: +1 919 349-2990 Pager: (888) 347-7178 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDtZhkagjTfAtNY9gRAqhTAKCZ2HRGCLXu86ng/jJa3uaynVNQTACglVDA JuYN8eOPy9HdQct1yR86GWY= =swKK -----END PGP SIGNATURE-----
