CVE-2009-0054

Name of the Vulnerable Software and Affected Versions Cisco IronPort Encryption Appliance versions 6.2.4 through 6.2.4.1.1 Cisco IronPort Encryption Appliance version 6.2.5 Cisco IronPort Encryption Appliance version 6.2.6 Cisco IronPort Encryption Appliance versions 6.2.7 through 6.2.7.7 Cisco IronPort Encryption Appliance versions 6.3 through 6.3.0.4 Cisco IronPort Encryption Appliance versions 6.5 through 6.5.0.2 Cisco IronPort PostX versions 6.2.1 through 6.2.1.1 Cisco IronPort PostX versions 6.2.2 through 6.2.2.3

Description The issue allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message, exploiting the PXE Encryption in the affected Cisco products.

Recommendations For Cisco IronPort Encryption Appliance version 6.2.4, update to version 6.2.4.1.1 or later. For Cisco IronPort Encryption Appliance version 6.2.5, update to a fixed version. For Cisco IronPort Encryption Appliance version 6.2.6, update to a fixed version. For Cisco IronPort Encryption Appliance version 6.2.7, update to version 6.2.7.7 or later. For Cisco IronPort Encryption Appliance version 6.3, update to version 6.3.0.4 or later. For Cisco IronPort Encryption Appliance version 6.5, update to version 6.5.0.2 or later. For Cisco IronPort PostX version 6.2.1, update to version 6.2.1.1 or later. For Cisco IronPort PostX version 6.2.2, update to version 6.2.2.3 or later.