Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Cisco VPN v5.0.07.0410

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
All Threads

This thread has been marked as resolved.
vcollerji Cisco VPN v5.0.07.0410
Member 30th Mar, 2011 13:48
Ranking: 0
Posts: 1
User Since: 6th Dec, 2009
System Score: N/A
Location: N/A
PSI shows this as vulnerable for by Windows XP 32-bit system, whereas Secunia Advisory SA26459 only shows this vulnerability as in versions prior to 5.0.01.0600 for for 32-bit systems. The suggested fix 5.0.07.0440 is only available for 64-bit systems. Any suggestions?

Post "RE: Cisco VPN v5.0.07.0410" has been selected as an answer.
Anthony Wells RE: Cisco VPN v5.0.07.0410
Expert Contributor 30th Mar, 2011 17:29
Score: 2418
Posts: 3,311
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

There is more info here from Cisco to compare/relating to SA26459 :-

http://www.cisco.com/warp/public/707/cisco-sa-2007...

It is talking about "workarounds" being available to apply with Cisco provided software :-

http://www.cisco.com/warp/public/707/cisco-sa-2007...

What is not clear is what you mention concerning versions numbers and architecture (to my untrained eye) , particularly as Secunia/the PSI does not consider/detect/display workarounds as patching , only recording/displaying actually "patched" versions .

You will need to ask Cisco what is the latest patched version in the 32 bit family and try to get them or you to liase with Secunia as , if the PSI is saying your version is insecure :ie: v5.0.07.0410(x86) means they think there is a later patched version which excludes a workaround ; as you say that is only the x64 version ...0440 .

Definitely you need to get Secunia and Cisco interacting , as far as I can discern .

Does that make sense to you ??

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability