May 25, 2007 - Cisco has issued an advisory warning of a vulnerability in a third-party cryptographic library used by several different Cisco products. The flaw could be exploited when parsing a malformed Abstract Syntax Notation One ( ASN.1) object. Repeated exploitation of the flaw could result in a denial-ofservice (DoS) condition.
Affected products include Cisco IOS, Cisco IOS XR, Cisco PIX and ASA Security Appliances, Cisco Firewall Module and Cisco Unified CallManager. Cisco has released a patch to address the vulnerabilities; there are no workarounds.