Re: [cisco-voip] openSSL and heartbleed

2014-04-10 Thread Lelio Fulgenzi
Subject: Re: [cisco-voip] openSSL and heartbleed Should all be the same underlying OS. 10.x would be the only one I'd worry about until someone can check if it is vulnerable since it may have a newer openssl version. On Apr 8, 2014 7:34 PM, Lelio Fulgenzi le...@uoguelph.ca wrote: Thanks

Re: [cisco-voip] openSSL and heartbleed

2014-04-10 Thread Lelio Fulgenzi
) Cc: Brian Meade; cisco-voip voyp list Subject: Re: [cisco-voip] openSSL and heartbleed Thanks Wes. I can imagine the amount of work involved in figuring all this out. My comment was more towards the verbiage included in the advisory. That is, does Unified Communications Server 9.2

[cisco-voip] openSSL and heartbleed

2014-04-08 Thread Lelio Fulgenzi
Does anyone know if/when Cisco will be coming out with a security advisory about Open SSL and heartbleed? http://threatpost.com/seriousness-of-openssl-heartbleed-bug-sets-in/105309 --- Lelio Fulgenzi, B.A. Senior Analyst, Network Infrastructure Computing and Communications Services

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Brian Meade
I don't think that's the correct advisory. That's a DoS vulnerability from 2004. Brian On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi le...@uoguelph.ca wrote: nevermind... my first search did not produce results...

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Lelio Fulgenzi
@puck.nether.net Sent: Tuesday, April 8, 2014 5:16:32 PM Subject: Re: [cisco-voip] openSSL and heartbleed I don't think that's the correct advisory. That's a DoS vulnerability from 2004. Brian On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi le...@uoguelph.ca wrote: nevermind... my first

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Brian Meade
Science and Nutrition Building Guelph, Ontario, N1G 2W1 -- *From: *Brian Meade bmead...@vt.edu *To: *Lelio Fulgenzi le...@uoguelph.ca *Cc: *cisco-voip voyp list cisco-voip@puck.nether.net *Sent: *Tuesday, April 8, 2014 5:16:32 PM *Subject: *Re: [cisco-voip] openSSL

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Brian Meade
Building Guelph, Ontario, N1G 2W1 -- *From: *Brian Meade bmead...@vt.edu *To: *Lelio Fulgenzi le...@uoguelph.ca *Cc: *cisco-voip voyp list cisco-voip@puck.nether.net *Sent: *Tuesday, April 8, 2014 5:16:32 PM *Subject: *Re: [cisco-voip] openSSL and heartbleed I

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Brian Meade
-- *From: *Brian Meade bmead...@vt.edu *To: *Lelio Fulgenzi le...@uoguelph.ca *Cc: *cisco-voip voyp list cisco-voip@puck.nether.net *Sent: *Tuesday, April 8, 2014 5:16:32 PM *Subject: *Re: [cisco-voip] openSSL and heartbleed I don't think that's the correct advisory

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Lelio Fulgenzi
@puck.nether.net Sent: Tuesday, April 8, 2014 5:16:32 PM Subject: Re: [cisco-voip] openSSL and heartbleed I don't think that's the correct advisory. That's a DoS vulnerability from 2004. Brian On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi le...@uoguelph.ca wrote: nevermind... my first

Re: [cisco-voip] openSSL and heartbleed

2014-04-08 Thread Brian Meade
:16:32 PM *Subject: *Re: [cisco-voip] openSSL and heartbleed I don't think that's the correct advisory. That's a DoS vulnerability from 2004. Brian On Tue, Apr 8, 2014 at 5:11 PM, Lelio Fulgenzi le...@uoguelph.cawrote: nevermind... my first search did not produce results... http