Products & Services
Support

Product Categories


Popular Downloads


Manage Software

How to Buy

For Home

Linksys Products Store
Linksys is now part of Belkin
Products for everyone

All Ordering Options

Training & Events Partners
Guest

Vulnerability Alert

Apache HTTP Server Overlapping Ranges Denial of Service Vulnerability

 
Threat Type:CWE-399: Resource Management Errors
IntelliShield ID:24004
Version:27
First Published:2011 August 25 13:38 GMT
Last Published:2013 July 12 14:23 GMT
Port: Not available
CVE:CVE-2011-3192
BugTraq ID:49303
Urgency:Unlikely Use
Credibility:Confirmed
Severity:Mild Damage
CVSS Base:7.8 CVSS Calculator
CVSS Version 2.0
CVSS Temporal:6.1
 
Version Summary:MontaVista Software has released a security alert and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.
 
 
Description
Apache HTTP Server contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to improper processing of certain user-supplied requests by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to the system. Processing such requests could cause the application to consume excessive memory, resulting in a DoS condition on the system.

Proof-of-concept exploit code is publicly available.

Apache has confirmed this vulnerability and updated software is available.
 
Warning Indicators
The following Apache products are vulnerable:
  • Apache HTTP Server versions prior to 2.2.20
  • Apache HTTP Server versions prior to 2.0.65
 
IntelliShield Analysis
To exploit this vulnerability, the attacker must send crafted requests to the system. Depending on the network configuration, the attacker may need access to trusted, internal networks. This access requirement decreases the likelihood of a successful exploit.

According to the vendor advisory, the updated software version 2.0.65 will be released in September 2013.
 
Vendor Announcements
Apache has released security advisories at the following links: CVE-2011-3192 (UPDATE), CVE-2011-3192 (UPDATE 2), and CVE-2011-3192

Apple has released a security update at the following link: OS X Lion v10.7.2 and Security Update 2011-006

Cisco has re-released a security advisory at the following link: cisco-sa-20110830-apache

FreeBSD has released a VuXML document at the following link: apache -- Range header DoS vulnerability

Hitachi has released a security advisory at the following link: HS11-019

HP has released security bulletins c02997184, c03025215, c03011498, c03280632, c03285138, and c03517954 at the following links: HPSBUX02702 SSRT100606, HPSBUX02707 SSRT100626, HPSBMU02704 SSRT100619, HPSBMU02764 SSRT100827, HPSBMU02766 SSRT100624, and HPSBOV02822 SSRT100966

IBM has released a flash alert at the following link: swg21512087

MontaVista Software released a security alert on July 11, 2013, for registered users at the following link: MontaVista Security Fixes

Oracle has released security advisories at the following links: Oracle Security Alert for CVE-2011-3192, CVE-2011-3192, Oracle Security Blog for CVE-2011-3192, and Oracle Critical Patch Update - January 2012

Novell has released a technical information document at the following link: 7009621

Red Hat has released security advisories at the following links: RHSA-2011:1245, RHSA-2011:1294, RHSA-2011:1300, RHSA-2011:1329, RHSA-2011:1330, and RHSA-2011:1369

US-CERT has released a vulnerability note at the following link: VU#405811
 
Impact
An unauthenticated, remote attacker could exploit this vulnerability to terminate the affected software unexpectedly, resulting in a DoS condition.
 
Technical Information
The vulnerability is due to improper handling of Range and gzip Accept-Encoding headers while processing user-supplied requests by the affected software. The vulnerable software uses these range requests to perform bandwidth optimization, allowing a client to request only the interesting parts rather than a complete resource.

An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests that consist of overlapping ranges to the system. Processing such requests could cause the application to compress each of the requested bytes, resulting in excessive memory consumption. A successful exploit could terminate the affected software unexpectedly, resulting in a DoS condition.
 
Safeguards
Administrators are advised to contact the vendor regarding future updates and releases.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators may consider filtering requests that contain abusive HTTP Range: or Request-Range: header values.

Administrators are advised to monitor affected systems.

The Cisco Applied Intelligence team has created the following companion document to guide administrators in identifying and mitigating attempts to exploit this vulnerability prior to applying updated software: cisco-amb-20110830-apache
 
Patches/Software
Apache has released updated software at the following links:

Apache HTTP Server 2.2.21
Apache HTTP Server 2.0.65

Apple has released updated software at the following links:

Apple Mac OS X and Mac OS X Server 10.6.8:
Mac OS X 10.6.8
Mac OS X Server 10.6.8

Apple Mac OS X and Mac OS X Server 10.7.2:
Mac OS X Lion 10.7.2
Mac OS X Lion Server 10.7.2

CentOS packages can be updated using the up2date or yum command.

Cisco customers with active contracts can obtain updates through the Software Center. Cisco customers without contracts can obtain upgrades by contacting the Cisco Technical Assistance Center at 1-800-553-2447 or 1-408-526-7209 or via e-mail at tac@cisco.com.

FreeBSD releases ports collection updates at the following link: Ports Collection Index

Hitachi customers should contact their support representatives to obtain updates.

HP has released software updates at the following links:

Onboard Administrator (OA) v3.55
HP-UX Web Server Suite (WSS) v3.18
HP-UX Web Server Suite (WSS) v3.19
HP-UX Web Server Suite (WSS) v2.33

HP-UX Web Server Suite (WSS) v2.34
HP System Management Homepage (SMH) 7.0
HP OpenView Network Node Manager (OV NNM) v7.53
HP Secure Web Server for OpenVMS V2.2 Update 2

IBM has released a fix at the following link: IBM

MontaVista Software has released updated software for registered users at the following links:

Pro 4.0.1
CGE 4.0.1
Mobilinux 4.1
Mobilinux 4.0.2
Pro 5.0
CGE 5.1
Mobilinux 5.0
Pro 5.0.24
Mobilinux 5.0.24

Oracle has released patches for registered users at the following links:

SPARC
Solaris 10 with patch 120543-24 or later

Intel
Solaris 10 with patch 120544-24 or later

Oracle has released patches for registered users at the following link: Oracle

Oracle has released patches for registered users at the following links: Oracle Supply Chain Product Suite

Red Hat packages can be updated using the up2date or yum command.

Signatures
 
Cisco Intrusion Prevention System (IPS) 6.0
Signature IDSignature NameReleaseLatest Release Date
38846/0Apache Range Remote Denial of ServiceS7092013 Apr 17 
Cisco Small Business IPS
Signature IDSignature NameReleaseLatest Release Date
SBIPS2011-000301/Apache Range Remote Denial of ServiceSBIPS0000162011 Oct 13 
 
Alert History
 

Version 26, July 11, 2013, 1:06 PM: Apache has released an additional security advisory and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 25, October 10, 2012, 2:21 PM: HP has released an additional security bulletin and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 24, April 18, 2012, 2:20 PM: HP has released an additional security bulletin and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 23, April 17, 2012, 5:36 PM: HP has released an additional security bulletin and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 22, January 24, 2012, 10:37 AM: Cisco has re-released a security advisory and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 21, January 19, 2011, 4:35 PM: Oracle has released security advisories and patches to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 20, January 11, 2012, 9:39 AM: MontaVista has released a security alert and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 19, January 3, 2012, 4:55 PM: Hitachi has released a security advisory and updated packages to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version, 18, November 15, 2011, 10:59 AM: Oracle has released a security advisory and patches to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 17, November 4, 2011, 8:14 AM: HP has released an additional security bulletin and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 16, October 28, 2011, 8:40 AM: HP has re-released security bulletins and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 15, October 26, 2011, 9:35 AM: Novell has released a technical information document to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 14, October 15, 2011, 9:02 PM: Red Hat has released an additional security advisory and updated packages to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 13, October 13, 2011, 12:46 PM: Apple has released a security update and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 12, September 29, 2011, 11:27 AM: Red Hat has released an additional security advisory and updated packages to address the Apache HTTP Server overlapping ranges denial of service vulnerability. Oracle and HP have also released updates to address this vulnerability.

Version 11, September 16, 2011, 2:15 PM: Oracle has released a security advisory and patches to address the Apache HTTP Server overlapping ranges denial of service vulnerability. Red Hat has also released an additional security advisory and updated software to address this vulnerability.

Version 10, September 15, 2011, 10:45 AM: Cisco has re-released a security advisory and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability. Red Hat has also released an additional security advisory and updated software to address this vulnerability.

Version 9, September 14, 2011, 10:46 AM: Apache has released an additional security advisory and updated software to address the HTTP Server overlapping ranges denial of service vulnerability.

Version 8, September 9, 2011, 5:36 PM: HP has released a security bulletin and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 7, September 7, 2011, 9:20 AM: Cisco has re-released a security advisory and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 6, September 2, 2011, 11:59 AM: Cisco has re-released a security advisory and updated software to address the Apache HTTP Server overlapping ranges denial of service vulnerability. CentOS and IBM have also released security advisories and updated software to address this vulnerability.

Version 5, September 1, 2011, 8:35 AM: Red Hat has released a security advisory and updated packages to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 4, August 31, 2011, 1:49 PM: Apache has released updated software to address the HTTP Server overlapping ranges denial of service vulnerability.

Version 3, August 30, 2011, 11:42 AM: Cisco and FreeBSD have released security advisories and software updates to address the Apache HTTP Server overlapping ranges denial of service vulnerability.

Version 2, August 26, 2011, 2:27 PM: Apache has released an additional security advisory with workarounds to address the HTTP Server overlapping ranges denial of service vulnerability.

Version 1, August 25, 2011, 8:38 AM: Apache HTTP Server contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. Updates are not available.


Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
Apache Software FoundationApache HTTP Server 2.0 Base | 2.0.28 Base | 2.0.29 Base | 2.0.30 Base | 2.0.31 Base | 2.0.32 Base | 2.0.33 Base | 2.0.34 Base | 2.0.35 Base | 2.0.36 Base | 2.0.37 Base | 2.0.38 Base | 2.0.39 Base | 2.0.40 Base | 2.0.41 Base | 2.0.42 Base | 2.0.43 Base | 2.0.44 Base | 2.0.45 Base | 2.0.46 Base | 2.0.47 Base | 2.0.48 Base | 2.0.49 Base | 2.0.50 Base | 2.0.51 Base | 2.0.52 Base | 2.0.53 Base | 2.0.54 Base | 2.0.55 Base | 2.0.56 Base | 2.0.57 Base | 2.0.58 Base | 2.0.59 Base | 2.0.61 Base | 2.0.63 Base | 2.0.64 Base | 2.1 Base, .2, .3, .4, .5, .6, .7, .8, .9, .10 | 2.2 .0, .1, .2, .3, .4, .6, .7, .8, .9, .10, .11, .12, .13, .14, .15, .16, .17, .18, .19

Associated Products:
AppleMac OS X 10.6 Intel, PPC | 10.6.1 Intel, PPC | 10.6.2 Base | 10.6.3 Base | 10.6.4 Base | 10.6.5 Base | 10.6.6 Base | 10.6.7 Base | 10.7 Base | 10.7.1 Base
AppleMac OS X Server 10.6 Intel, PPC | 10.6.1 Intel, PPC | 10.6.2 Base | 10.6.3 Base | 10.6.4 Base | 10.6.5 Base | 10.6.6 Base | 10.6.7 Base | 10.7 Base | 10.7.1 Base
CentOS ProjectCentOS 4 .0 i386, .0 x86_64, .1 i386, .1 x86_64, .2 i386, .2 x86_64, .3 i386, .3 x86_64, .4 i386, .4 x86_64, .5 i386, .5 x86_64, .6 i386, .6 x86_64, .7 i386, .7 x86_64
CiscoCisco Mobility Services Engine 5.1 Base | 5.2 Base | 6.0 Base | 7.0 Base
CiscoCisco Quad 2.0 Base
CiscoCisco Security Agent 6.0 .2.151
CiscoCisco TelePresence 1.1 .1 | 1.2 .0, .1, .2 | 1.3 Base, .2 | 1.6 .0, .2, .3, .4, .5, .6, .7, .8 | 1.7 .0, .1, .2
CiscoCisco Video Surveillance Operations Manager Software 3.0 .0 | 3.1 .0, .1 | 4.0 .0 | 4.1 .0, .1 | 4.2 .0
CiscoCisco Wide Area Application Services (WAAS) 4.4 .3a
CiscoCisco Wireless Control System (WCS) Software 6.0 Base | 4.0 Base, .1.0, .43.0, .66.0, .81.0, .87.0, .96.0, .97.0 | 4.1 Base, .83.0, .91.0 | 4.2 Base, .62.0, .62.11
CiscoCiscoWorks Common Services (CS) 1.0 Base | 2.2 Base | 2.3 Base | 3.0 Base, .3, .4, .5, .6 | 3.1 Base, .1 | 3.2 Base | 3.3 .0
CiscoCiscoWorks LAN Management Solution (LMS) 1.0 Base | 1.1 Base | 1.2 Base | 1.3 Base | 2.0 Base | 2.1 Base | 2.2 Base | 2.5 Base, .1 | 2.6 Base | 3.0 Base, .1 | 3.1 Base | 3.2 Base | 4.0 Base
CiscoCisco MDS 9000 NX-OS Software 2.1 Base | 3.0 Base | 3.2 Base | 4.1 Base | 4.2 Base
CiscoCisco Network Asset Collector 1 Base, .2
FreeBSD ProjectFreeBSD 7.2 Base | 7.3 Base | 7.4 Base | 8.0 Base | 8.1 Base
Hitachi, Ltd.Hitachi Web Server (AIX) 03-00 Base, -01, -02, -03, -04, -05 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07, -08, -09 | 04-00 Base, -01, -02 | 04-10 Base, -01, -02, -03, -04, -05
Hitachi, Ltd.Hitachi Web Server (HP-UX IPF) 03-00 Base, -01, -02, -03, -04, -05 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07, -08, -09 | 04-00 Base, -01, -02, -03, -04 | 04-10 Base, -01, -02 | 04-20 Base
Hitachi, Ltd.Hitachi Web Server (HP-UX) 03-00 Base, -01
Hitachi, Ltd.Hitachi Web Server (Linux IPF) 03-00 Base, -01, -02, -03, -04, -05, -06 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07, -08, -09 | 04-00 Base, -01, -02, -03, -04, -05 | 04-10 -01, -02, -03
Hitachi, Ltd.Hitachi Web Server (Linux) 03-00 Base, -01, -02, -03, -04, -05, -06 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07, -08, -09 | 04-00 Base, -01, -02, -03, -04, -05 | 04-10 -01, -02, -03, -04, -05 | 04-20 Base
Hitachi, Ltd.Hitachi Web Server (Solaris) 03-00 Base, -01 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07 | 04-00 -01, -02, -03, -04, -05
Hitachi, Ltd.Hitachi Web Server (Solaris x64) 04-00 -01
Hitachi, Ltd.Hitachi Web Server (Windows x64) 04-10 -01, -02, -03
Hitachi, Ltd.Hitachi Web Server (Windows) 03-00 Base, -01, -02, -03, -04, -05, -06 | 03-10 Base, -01, -02, -03, -04, -05, -06, -07, -08, -09, -10 | 04-00 Base, -01, -02, -03, -04, -05 | 04-10 -01, -02, -03, -04
HPHP OpenView Network Node Manager (NNM) 7.01 Base | 7.50 Base | 7.51 Base | 7.52 Base | 7.53 Base
HPHP-UX 11.11/11i Base | 11.23 Base | 11.31 Base
HPHP-UX Web Server Suite (HPUXWSSUITE) 2.33 Base | 3.18 Base
HPOnboard Administrator 3.21 Base | 3.30 Base | 3.31 Base | 3.32 Base | 3.50 Base
HPSecure Web Server (SWS) for OpenVMS Itanium 2.1 -1 | 2.2 Base
HPSecure Web Server (SWS) for OpenVMS Alpha 1.7 -7, -8 | 2.1 -1 | 2.2 Base
HPSystem Management Homepage (SMH) 6.0.0 Base | 6.1 Base | 6.2 Base
IBMHTTP Server 2.0.42 Base, .1, .2 | 2.0.47 Base, .1 | 6.0.2 .0, .1, .3, .5, .7, .9, .11, .13, .15, .17, .19, .21, .23, .25, .27, .29, .31, .33, .35, .37, .39, .41 | 6.1.0 Base, .1, .2, .3, .4, .5, .6, .7, .8, .9, .10, .11, .12, .13, .15, .16, .17, .18, .19, .20, .21, .23, .25, .27, .29, .31, .33, .35 | 7.0.0 Base, .3, .5, .7, .9, .11, .13
IBMWebSphere Application Server 6.0 Base, .0.2, .0.3, .1, .1.1, .1.2, .2, .2.1, .2.2, .2.3, .2.4, .2.5, .2.6, .2.7, .2.8, .2.9, .2.11, .2.13, .2.15, .2.17, .2.18, .2.19, .2.20, .2.21, .2.23, .2.25, .2.27, .2.29, .2.31, .2.33, .2.34, .2.35, .2.37, .2.38, .2.39, .2.40, .2.41, .2.42, .2.43 | 6.1 .0, .0.1, .0.2, .0.3, .0.4, .0.5, .0.6, .0.7, .0.8, .0.9, .0.10, .0.11, .0.12, .0.13, .0.14, .0.15, .0.17, .0.19, .0.21, .0.23, .0.25, .0.28, .0.29, .0.30, .0.31, .0.33, .0.35, .0.37, .0.39 | 7.0 .0.0, .0.1, .0.3, .0.5, .0.6, .0.7, .0.8, .0.10, .0.9, .0.11, .0.13, .0.15, .0.17, .0.18 | 8.0 Base
IBMWebSphere Application Server Hypervisor Edition 6.1 Base | 7.0 Base
IBMWebSphere Application Server for z/OS 5.1 .0.0 | 6.0 .1.0, .1.1, .1.2, .2.0, .2.1, .2.2, .2.3, .2.4, .2.5, .2.6, .2.7, .2.8, .2.9, .2.10, .2.11, .2.12, .2.13, .2.15, .2.16, .2.17, .2.18, .2.19, .2.20, .2.21, .2.22, .2.23, .2.24, .2.25, .2.27, .2.29, .2.31, .2.33, .2.34, .2.35, .2.36, .2.37, .2.38 | 6.1 .0.0, .0.1, .0.2, .0.3, .0.4, .0.5, .0.6, .0.7, .0.8, .0.9, .0.10, .0.11, .0.12, .0.13, .0.14, .0.15, .0.16, .0.17, .0.18, .0.19, .0.21, .0.22, .0.23, .0.24, .0.25, .0.27, .0.28, .0.29, .0.31, .0.33, .0.35, .0.37, .0.39 | 7.0 .0.0, .0.1, 0.3, .0.5, .0.7, .0.9, .0.11, .0.13, .0.15, .0.17, .0.18 | 8.0 .0.0
MontaVistaMontaVista Linux Professional 4.0.1, 5.0, 5.0.24 | Mobilinux 4.0.2, 4.1, 5.0, 5.0.24 | CGE 4.0.1, 5.0
Novell, Inc.NetWare 6.5 SP6, SP7, SP8
Oracle CorporationOracle Application Server 10g 10.1.2 .3.0 | 10.1.3 .5.0
Oracle CorporationOracle Fusion Middleware 11 .1.1.3.0, .1.1.4.0, .1.1.5.0
Oracle CorporationOracle Transportation Manager 5.5 .05.07, 06.00 | 6.0 .03 | 6.1 Base | 6.2 Base
Oracle CorporationSolaris Express 11 2010.11
Red Hat, Inc.JBoss Enterprise Web Server EL4 IA-32, x86_64 | EL5 IA-32, x86_64 | EL6 IA-32, x86_64
Red Hat, Inc.Red Hat Application Stack 2 ia-32, x86_64
Red Hat, Inc.Red Hat Desktop 4 IA-32, x86_64
Red Hat, Inc.Red Hat Enterprise Linux 5 IA-32, IA-64, PPC, ppc64, s390, s390x, x86_64
Red Hat, Inc.Red Hat Enterprise Linux Advanced Server 4 IA-32, IA-64, x86_64, PPC, s390, s390x
Red Hat, Inc.Red Hat Enterprise Linux Desktop 5 IA-32, x86_64 | 6 IA-32, x86_64
Red Hat, Inc.Red Hat Enterprise Linux Desktop Workstation 5 IA-32, x86-64
Red Hat, Inc.Red Hat Enterprise Linux Enterprise Server 4 IA-32, IA-64, x86_64
Red Hat, Inc.Red Hat Enterprise Linux ELS (Extended Life Cycle Support) 3 IA-32
Red Hat, Inc.Red Hat Enterprise Linux EUS (Extended Update Support) 5.6.z IA-32, IA-64, PPC, PPC64, s390, s390x, x86_64
Red Hat, Inc.Red Hat Enterprise Linux HPC Node 6 x86_64
Red Hat, Inc.Red Hat Enterprise Linux Long Life 5.3 i386, ia64, x86_64 | 5.6 i386, ia64, x86_64
Red Hat, Inc.Red Hat Enterprise Linux Server 6 IA-32, PPC, PPC 64, s390, s390x, x86_64
Red Hat, Inc.Red Hat Enterprise Linux Server EUS 6.0.z IA-32, ppc64, s390x, x86_64 | 6.1.z IA-32, PPC, PPC64, s390, s390x, x86_64
Red Hat, Inc.Red Hat Enterprise Linux Workstation 4 IA-32, IA-64, x86_64 | 6 IA-32, x86_64
Sun Microsystems, Inc.Solaris 10 sparc, x64/x86
Sun Microsystems, Inc.Sun Secure Global Desktop Software 4.2 Base | 4.4 Base | 4.5 Base | 4.6 Base | 4.61 Base




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
Powered by  IntelliShield