-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.0584
          Cisco Intrusion Prevention System MainApp Secure Socket
                   Layer Denial of Service Vulnerability
                               12 March 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Intrusion Prevention System (IPS) Software
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-0654  

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability

Advisory ID: cisco-sa-20150311-ips

Revision 1.0

For Public Release 2015 March 11 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

The Cisco Intrusion Prevention System (IPS) Software has a vulnerability within the SSL/TLS subsystem utilized by the web management interface which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Cisco has released free software updates that address this vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips
- -----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJVAGihAAoJEIpI1I6i1Mx3PCYP/j5Ej14GymDq0dvsDWmnLYlO
JAmJmrSV+r1vWHmj0YcVLVGyXGbmBYnHxZHNCgyB+RKC67jdmoE0zCL5bi69dEFr
ee+L/o8/f22NXcbATdJCb8vdjgW6/3cnKiODyDoEtM7MuDmH/h7eml/I3dDQBfES
oKMTNb+bxVi8ojVNBDa8ml9+Xp6ppuJzDIUm/eq8tAMQXncFMfsQehYCq9GRGN8Z
Rt5N309+C8vcVp5jHP06vcG5xH/sript/zY49nW/TYoC57EMHq3/c0h13mrbCRlO
wIf8Kr+YET1p7++hMzbWq6SLlz0Np5oG3B3zN1UvJ1ABiJ8y3xnV5MrC7iUU17R4
mEQCCJSvvKV32DguKWJ3H/xfZr5uiPPgyXuMw4rPwPBjUJyOYuxArn5q+OXo4JLM
F2oqIgTkm0zHYtEoEwH51KH6X9N2QrssUMomxBsSOs4LwnNcKB2Fyq0HQpX492PL
Pp6DKkOV24HLh5AHwrwKHArmLUIfGejBgyUrjbCt/eT4cutKhwrQhunEnis6jzYj
fTyLmQ5cZjIhT4+8akurpze1fNCTLFd2FVexvbRxNro2iL30LdFDHDUpz/9xsqks
A+ONgWGeKMKnCjawZ9s2OPgNV7WEvibjFiDWHdH7xZM8YpwR/5381OQNwCsdKdvW
alelR0tXSuOXiO6EN9ha
=kotf
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVQDSsxLndAQH1ShLAQI9fA//dtzSqNDLI3BrxgUWmIbDHNypN6kjBofN
sfR4HGcmvNS9p2I//DD87kmBCGg5KctoivsJDLoEpNIk8PV7lzq66mxhD/uwgnOE
NNCfUDywzYoyDnpsDhneoym15C3lxzvv/GPQ1GxD8oG+3/jFmp/6QAitlVsT8Jn+
/K3kMWAbzWAKYUL+5pNXpGb1BgZjaohYBL8qzL+FpyFWS6e3mfmTY75oXQ4e9qMM
chpo14+ZadmaGCKV2SMo/AQPYm1ZGuT+51zHwWmwhvRifhG5bvhcfgOlTNu1Q7pr
ymvvDZWo8GioVBGbGVC5bYWcjDmEqh2GnKwX2SOAoQevFAqjdDRDoejuzzT+iam+
BKfQAG5h4ElhNxJ54sEGLXULDgO06XChqHJ7LR4w5hqCQyGGsTyBKdIGuAYrQ0qK
rSCabfMbWlnOC8tydav8ZLcpFwxUwGJu3xsYXHFvP5TIzlBnTPsYe4A7PpPaxpYi
3QIou0b9B8gKJnE4a9OXRR3ewr045ArmHhLt9tTdFQPo4J6/DLtZbl0Cj7lXuz2P
+75utALLoyrdP9M1pUfvAS4L+cHDcOlKZwA6oIyAvhagRrnGKreScVxSG3Q4kbqn
K4yp8tqrsQhSLhMggyRnD5mDjdG/O04LwAhIIZmvxXH80xddKaS8eSlIG7gUDxe8
zk7ZcDwOD14=
=0D5J
-----END PGP SIGNATURE-----