Heartbleed Bug Found in Cisco Routers, Juniper Gear

Jeff Kell jeff-kell at utc.edu
Sun Apr 13 01:37:36 UTC 2014

On 4/12/2014 8:55 PM, Harry Hoffman wrote:
> Didn't Cisco already release a bunch of updates related to Anyconnect and heartbleed?

There were AnyConnect for iOS (little "i", not big "I") issues with
heartbleed, but everything else has been mostly phone and UCS related.
IOS XE is affected if you have enabled https:// administrative
interface.  Otherwise no (at least not yet, they're still checking).

There were, however, four separate security issues released this week
that affected SSL VPN, AnyConnect, and ASAs (I had to patch our ASAs
even though we do not do SSL VPN or AnyConnect, there is a DoS attack
possible via SIP).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140412/564128e7/attachment.sig>

More information about the NANOG mailing list