Et la réponse de Cisco : NANOG members:
Hi there. This is Dario Ciccarone from the Cisco PSIRT - the Product Security Incident Response Team. This is to acknowledge we're aware of this issue, and we're working with all the appropriate parties. Indeed, it seems the culprit is Cisco bug ID CSCul36176 - which was released as part of the Cisco Security Advisory "Multiple Vulnerabilities in Cisco ASA Software ", which was published on October 8th, 2014. The full advisory is available at the following URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa <http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa> As I said, the Cisco PSIRT is working with the Cisco Technical Assistance Center on this matter, and we're analyzing the available information. The advisory will be updated to reflect the fact we're seeing active exploitation of this issue. NANOG members are welcome to contact us at ps...@cisco.com <mailto:ps...@cisco.com> if they have any additional questions or concerns, or any information relevant to this issue. Thanks, Dario --------------------------- Liste de diffusion du FRnOG http://www.frnog.org/
