-
-
Cisco Unified Computing System SSL证书验证绕过漏洞(CVE-2012-4117)
-
发表于:
2013-10-24 02:10
879
-
Cisco Unified Computing System SSL证书验证绕过漏洞(CVE-2012-4117)
发布日期:2013-10-17
更新日期:2013-10-22
受影响系统:
Cisco Unified Computing System (UCS) 2.0
Cisco Unified Computing System (UCS) 1.4
Cisco Unified Computing System (UCS)
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 63209
CVE(CAN) ID: CVE-2012-4117
Cisco Unified Computing System是一个集计算、虚拟化和网络于一体的平台。
Cisco Unified Computing System的Fabric Interconnect模块存在信息泄露漏洞,未经身份验证的远程攻击者可利用此漏洞执行中间人攻击,然后查看或修改KVM视频渠道上的数据流。此漏洞源于没有正确验证服务器SSL证书。
<*来源:Cisco
链接:
d70K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4c8G2L8$3I4K6i4K6u0W2j5$3W2K6j5$3!0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3y4W2L8Y4c8W2M7W2)9J5c8X3y4G2L8Y4c8W2L8Y4c8Q4x3V1k6o6K9i4y4U0L8#2y4W2j5%4g2J5K9i4c8&6e0X3!0@1K9h3y4W2i4K6u0r3b7#2k6q4i4K6u0V1x3U0l9I4x3W2)9J5k6o6b7I4x3e0M7`.
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
d87K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3y4A6M7$3y4G2i4K6u0W2j5$3!0E0i4K6u0r3k6$3!0Q4x3V1k6H3M7$3W2J5N6l9`.`.
d2dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4c8G2L8$3I4K6i4K6u0W2j5$3W2K6j5$3!0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3y4W2L8Y4c8W2M7W2)9J5c8X3y4G2L8Y4c8W2L8Y4c8Q4x3V1k6o6K9i4y4U0L8#2y4W2j5%4g2J5K9i4c8&6e0X3!0@1K9h3y4W2i4K6u0r3b7#2k6q4i4K6u0V1x3U0l9I4x3W2)9J5k6o6b7I4x3e0M7`.来源:
2cdK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3I4A6L8Y4g2^5K9h3c8U0i4K6u0W2j5$3!0E0i4K6u0r3e0r3W2F1N6i4S2Q4x3V1j5J5x3o6p5K6i4K6u0V1x3e0m8Q4x3V1j5&6x3e0M7^5x3#2)9J5k6h3S2@1L8b7`.`.
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
