Thank you Michael for the post. Just re-posting to make my connections aware!
About the Author:
Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.
A vulnerability in bash is affecting all kinds of *nix systems and some Cisco collaboration products are affected. Cisco has identified the vulnerable software and has either patched or is in the process of building patches.
The PSIRT is by far the best place to look for vulnerable software as well as to look at each BugID to find patched software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
Look under Affected Products | Vulnerable Products for the official list. Currently (10/13) is shows:
Voice and Unified Communications Devices
- Cisco Business Edition 3000 (BE3k) [CSCur08462]
- Cisco Emergency Responder [CSCur05434]
- Cisco Finesse [CSCur02866]
- Cisco Hosted Collaboration Mediation Fulfillment [CSCur05477]
- Cisco IM and Presence Service (CUPS) [CSCur05454]
- Cisco IP Interoperability and Collaboration System (IPICS) [CSCur05245]
- Cisco MediaSense [CSCur02875]
- Cisco Paging Server (Informacast) [CSCur04834]
- Cisco Paging Server [CSCur04834]
- Cisco SocialMiner [CSCur02880
View original post 51 more words
