WebEx

Jon Kibler Jon.Kibler at aset.com
Fri Aug 15 13:55:51 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yesterday, Cisco announced a critical vulnerability in WebEx:
   http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml

The interesting thing about this vulnerability is that you can clean up
all of your WebEx installs, but as soon as you create a session with a
WebEx server that has not been upgraded, you are once again vulnerable.
In other words, you are at the mercy of your WebEx presenter.

BTW, despite the fact that Cisco says exploits are available, there is
not the first mention of this vulnerability on the WebEx web site.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkiliucACgkQUVxQRc85QlMpJgCgiCPz+nXKOFrVsWkI/7o0HnHI
OhAAnRVH6X9IU3+oc/TRnDrFOqAkadmo
=aulb
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the NANOG mailing list