Cisco 发布了7个安全公告,以修复多个Cisco产品中的多个漏洞。远端攻击者可以向受影响系统发出特制的SSL连线或恶意封包来攻击这些漏洞。
成功利用这些漏洞可以导致服务受阻断或在受影响系统绕过SSL证书确认,视乎攻击者利用哪个漏洞而定。
适用于受影响系统的修补程式已可获取。受影响系统的用户应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。
用户可联络其产品支援供应商,以取得修补程式及有关支援。
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort
https://www.hkcert.org/my_url/zh/alert/18041902
https://www.us-cert.gov/ncas/current-activity/2018/04/18/Cisco-Releases-Security-Updates-Multiple-Products
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0227 (to CVE-2018-2231)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0240