https://community.cisco.com/t5/network-access-control/ssl-with-pct-in-the-https-service/m-p/1931350#M192447 <P>Hi, </P><P></P><P>Recently, in my organization we ran a vulnerabilty test and&nbsp; the ACS platfomr got this vulnerability&nbsp; <STRONG style="color: #686868; font-size: 12pt; font-family: Arial; "><STRONG style="color: #686868; font-size: 12pt; font-family: Arial; "><STRONG style="color: #686868; font-size: 12pt; font-family: Arial; ">ssl-pct1-bo </STRONG></STRONG></STRONG><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; ">basically consist when an application over https run a protocol named ptc that is a library of ssl, this is a potencial risk because it&nbsp; could permit execute a buffer overflow over the machine, but when I look for information about it i found that affects systems over windows O.S. I want to know if this vulnerability could affect my ACS. It is 5.1.0.44.5</SPAN><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> version. I know that my acs is based on a linux o.s but i want to know if ptc could be execute altought this.</SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; ">Regards.</SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P> Mon, 11 Mar 2019 01:59:26 GMT jusecas86 2019-03-11T01:59:26Z https://community.cisco.com/t5/network-access-control/ssl-with-pct-in-the-https-service/m-p/1931350#M192447 <P>Hi, </P><P></P><P>Recently, in my organization we ran a vulnerabilty test and&nbsp; the ACS platfomr got this vulnerability&nbsp; <STRONG style="color: #686868; font-size: 12pt; font-family: Arial; "><STRONG style="color: #686868; font-size: 12pt; font-family: Arial; "><STRONG style="color: #686868; font-size: 12pt; font-family: Arial; ">ssl-pct1-bo </STRONG></STRONG></STRONG><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; ">basically consist when an application over https run a protocol named ptc that is a library of ssl, this is a potencial risk because it&nbsp; could permit execute a buffer overflow over the machine, but when I look for information about it i found that affects systems over windows O.S. I want to know if this vulnerability could affect my ACS. It is 5.1.0.44.5</SPAN><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> version. I know that my acs is based on a linux o.s but i want to know if ptc could be execute altought this.</SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; ">Regards.</SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P><P><SPAN style="color: #000000; font-size: 10pt; font-family: arial,helvetica,sans-serif; "> </SPAN></P> Mon, 11 Mar 2019 01:59:26 GMT https://community.cisco.com/t5/network-access-control/ssl-with-pct-in-the-https-service/m-p/1931350#M192447 jusecas86 2019-03-11T01:59:26Z https://community.cisco.com/t5/network-access-control/ssl-with-pct-in-the-https-service/m-p/1931351#M192460 <HTML><HEAD></HEAD><BODY><P><EM>Juan,</EM></P><P><EM>ACS does not use MD5 for CSR or self sign cert generation. Option we have is either SHA1 or SHA256.</EM></P><P></P><P></P><P></P><P><EM>Regards</EM></P><P><EM>~JG</EM></P><P></P><P><EM>Do rate helpful posts</EM></P></BODY></HTML> Tue, 10 Apr 2012 19:01:25 GMT https://community.cisco.com/t5/network-access-control/ssl-with-pct-in-the-https-service/m-p/1931351#M192460 Jagdeep Gambhir 2012-04-10T19:01:25Z