Most unusual. Cisco has posted three or four different "interim" version of ASA firewall 8.4 firmware with successive series of bug fixes--none regression tested. It's a case of "pick your poison". Haven't seen them hustle like this over a vulnerability before. The downgrade attack is a big worry only if one thinks GCHQ, NSA or China is on their tail, in which case the damage was probably done years ago. We'll wait a couple of days and let the dust settle.
Cisco FREAKs out, starts epic OpenSSL bug-splat
Cisco admins will be watching and waiting for fixes, with the company announcing that many of its OpenSSL implementations are carrying a bunch of post-POODLE fleas. The Borg has been looking over its kit and software since the OpenSSL project disclosed a bunch of vulns in January, and on March 10 detailed the impacts it's …