Jump to content


Photo

Cisco advisories/updates


  • Please log in to reply
156 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 10 June 2008 - 03:25 PM

FYI...

SNMP v3 authentication vuln
- http://www.cisco.com...3.shtml#summary
2008 June 10 - "...Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available.."

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 19 June 2008 - 04:56 AM

FYI...

Cisco IPS vuln - update available
- http://isc.sans.org/...ml?storyid=4591
Last Updated: 2008-06-18 17:57:48 UTC - "Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames... Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability. This advisory is posted here*."
* http://www.cisco.com...s.shtml#summary
2008 June 18 - "...vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation... Cisco IPS versions are affected:
* Cisco Intrusion Prevention System version 5.x prior to 5.1(8)E2
* Cisco Intrusion Prevention System version 6.x prior to 6.0(5)E2 ..."

- http://nvd.nist.gov/...e=CVE-2008-2060

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 03 July 2008 - 05:38 AM

FYI...

Multiple Cisco Products DoS vuln
- http://atlas.arbor.n...ndex#-673272965
Severity: Elevated Severity - July 02, 2008 - "Multiple vulnerabilities in Cisco products have been found, which can be exploited to crash the application or cause a DoS because of a vulnerability in a third party cryptographic library. Fixes are available. No known exploits are available.
Analysis: The issue occurs when parsing a crafted Abstract Syntax Notation One (ASN.1) object. In certain cases, an attacker can trigger this vulnerability without a valid certificate or authentication. The vulnerable products are Cisco IOS, Cisco IOS XR, Cisco PIX and ASA Security Appliances, Cisco Firewall Service Module (FWSM) and Cisco Unified CallManager.
Source: Vulnerability In Crypto Library:
- http://www.cisco.com...0809bb300.shtml

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 09 July 2008 - 11:50 PM

FYI...

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
- http://www.cisco.com...s.shtml#details
2008 July 08 - "...The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:
* Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854 (registered customers only) .
* Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298 (registered customers only) .
* Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930 (registered customers only) .
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447..."

- http://nvd.nist.gov/...e=CVE-2008-1447

//

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#5 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 05 August 2008 - 04:54 PM

FYI...

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
- http://www.cisco.com...s.shtml#summary
Updated 2008 July 29 - "Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected. Cisco has released free software updates* that address these vulnerabilities..."
* http://www.cisco.com....shtml#software

//

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 18 August 2008 - 07:35 AM

FYI...

WebEx Meeting Mgr...
- http://www.cisco.com...814-webex.shtml
Last Updated 2008 August 15 - "...A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine...
The WebEx Meeting Manager downloads several components to meeting participants before they join a WebEx meeting. The vulnerability in this Security Advisory affects the atucfobj.dll library...

- http://www.kb.cert.org/vuls/id/661827
08/15/2008 - "...Solution: The Cisco Security Advisory indicates that WebEx meeting participants will automatically receive a fixed version of atucfobj.dll when they join a meeting on a server with fixed software. Version 26.49.9.2838 is the first fixed version for WBS 26 users..."

- http://nvd.nist.gov/...e=CVE-2008-3558
Last revised: 8/11/2008

//

Edited by apluswebmaster, 18 August 2008 - 02:17 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#7 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 25 August 2008 - 06:50 AM

FYI...

Cisco WebEx Meeting Manager Drive-By Exploit
- https://forums.syman...sage.uid=345462
08-22-2008 07:08 PM - "On August 20, our honeypots began to receive attacks against the Cisco WebEx Meeting Manager vulnerability. This August 6 vulnerability exists in the ActiveX control used by WebEx to permit users to participate in meetings via Internet Explorer. Users running the vulnerable version of the Webex control who happened upon a Web site distributing the exploit would become infected. The first exploits that we have seen so far have been served via gaming sites that have had the exploit package injected on to them. While WebEx will automatically patch each user when they join a meeting hosted on a patched server, this vulnerability is only two weeks old. Many vulnerable users may have been on holidays, making it reasonably likely that some users will become infected by visiting day-to-day Web sites before their next WebEx meeting..."

//

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#8 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 04 September 2008 - 03:23 PM

FYI...

Cisco ASA and PIX multiple vulns
- http://secunia.com/advisories/31730/
Release Date: 2008-09-04
Critical: Moderately critical
Impact: Exposure of sensitive information, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x
...The vulnerability is reported in Cisco ASA devices running software versions 8.0 or 8.1 with clientless VPNs enabled. Cisco ASA devices that run software versions 7.0, 7.1, or 7.2 are not affected.
Solution: Update to fixed versions (please see the vendor's advisory for details).
Provided and/or discovered by: Reported by the vendor.
Original Advisory: Cisco:
http://www.cisco.com...80903-asa.shtml

- http://nvd.nist.gov/...e=CVE-2008-2732
- http://nvd.nist.gov/...e=CVE-2008-2733
- http://nvd.nist.gov/...e=CVE-2008-2734
- http://nvd.nist.gov/...e=CVE-2008-2735
- http://nvd.nist.gov/...e=CVE-2008-2736

//

Cisco Secure ACS EAP DoS
- http://secunia.com/advisories/31731/
Release Date: 2008-09-04
Critical: Less critical
Impact: DoS
Where: From local network
Solution Status: Vendor Patch
OS: Cisco Secure ACS Solution Engine 3.x, Cisco Secure ACS Solution Engine 4.x ...
Solution: Apply patches. Please see the vendor advisory for details...
Original Advisory: Cisco:
http://www.cisco.com...903-csacs.shtml

- http://nvd.nist.gov/...e=CVE-2008-2441

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#9 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 24 September 2008 - 02:34 PM

FYI...

Cisco - multiple alerts
- http://www.us-cert.g...security_alerts
September 24, 2008 - "Cisco has released multiple security alerts to address vulnerabilities in the Unified Communications Manager and IOS. These vulnerabilities may allow a remote unauthenticated attacker to cause a denial-of-service condition, obtain sensitive information, or operate with escalated privileges..."

Direct links available here:
- http://www.cisco.com...es_listing.html
(See those dtd. 24-Sept-2008)

Cisco IOS multiple vulnerabilities
- http://secunia.com/advisories/31990/
Release Date: 2008-09-25
Critical: Moderately critical

ISC analysis
- http://isc.sans.org/...ml?storyid=5078
Last Updated: 2008-09-26 03:16:41 UTC

http://web.nvd.nist....d=CVE-2008-2739
http://web.nvd.nist....d=CVE-2008-3798
http://web.nvd.nist....d=CVE-2008-3800
http://web.nvd.nist....d=CVE-2008-3801
http://web.nvd.nist....d=CVE-2008-3802
http://web.nvd.nist....d=CVE-2008-3803
http://web.nvd.nist....d=CVE-2008-3804
http://web.nvd.nist....d=CVE-2008-3805
http://web.nvd.nist....d=CVE-2008-3806
http://web.nvd.nist....d=CVE-2008-3807
http://web.nvd.nist....d=CVE-2008-3808
http://web.nvd.nist....d=CVE-2008-3809
http://web.nvd.nist....d=CVE-2008-3810
http://web.nvd.nist....d=CVE-2008-3811
http://web.nvd.nist....d=CVE-2008-3812
http://web.nvd.nist....d=CVE-2008-3813

:!:

Edited by apluswebmaster, 27 September 2008 - 06:38 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#10 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 15 January 2009 - 12:09 PM

FYI...

Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product
- http://www.us-cert.g...y_advisory_for5
January 15, 2009 - "Cisco has released a Security Advisory* to address multiple vulnerabilities in the IronPort Encryption Appliance and the IronPort PXE Encryption product. These vulnerabilities may allow an unauthorized attacker to view the contents of secure email messages or gain access to the IronPort Encryption Appliance administration interface..."
* http://www.cisco.com...t.shtml#details

- http://web.nvd.nist....d=CVE-2009-0053
- http://web.nvd.nist....d=CVE-2009-0054
- http://web.nvd.nist....d=CVE-2009-0055
- http://web.nvd.nist....d=CVE-2009-0056

:!:

Edited by apluswebmaster, 20 January 2009 - 11:49 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#11 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 21 January 2009 - 05:15 PM

FYI...

Cisco Security Manager vuln - update available
- http://www.cisco.com...90121-csm.shtml
2009 January 21

- http://www.us-cert.g...y_advisory_for6

Cisco Unified Communications Manager CAPF vuln - update available
- http://www.cisco.com...-cucmcapf.shtml
2009 January 21

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#12 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 04 February 2009 - 04:04 PM

FYI...

Cisco wireless LANs multiple vulns - updates available
- http://www.cisco.com...90204-wlc.shtml
2009 February 04 - "Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers (WLCs), Cisco Catalyst 6500 Wireless Services Modules (WiSMs), and Cisco Catalyst 3750 Integrated Wireless LAN Controllers. This security advisory outlines details of the following vulnerabilities:
* Denial of Service Vulnerabilities (total of three)
* Privilege Escalation Vulnerability
These vulnerabilities are independent of each other. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities..."
- Downloads at http://www.cisco.com...-usingswc.shtml

- http://secunia.com/advisories/33749/
...CVE reference:
http://web.nvd.nist....d=CVE-2009-0058
http://web.nvd.nist....d=CVE-2009-0059
http://web.nvd.nist....d=CVE-2009-0061
http://web.nvd.nist....d=CVE-2009-0062

:!: :ph34r:

Edited by apluswebmaster, 05 February 2009 - 08:57 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#13 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 27 February 2009 - 06:16 AM

FYI...

Cisco Security Advisory - multiple vulns...
- http://www.cisco.com...90225-ace.shtml
2009 February 25 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco ACE Module and Cisco ACE 4710 Application Control Engine contain multiple vulnerabilities that, if exploited, can result in any of the following impacts:
• Administrative level access via default user names and passwords
• Privilege escalation
• A denial of service (DoS) condition
Cisco has released free software updates available for affected customers. Workarounds that mitigate some of the vulnerabilities are available..."
http://web.nvd.nist....d=CVE-2009-0620
http://web.nvd.nist....d=CVE-2009-0621
http://web.nvd.nist....d=CVE-2009-0622
http://web.nvd.nist....d=CVE-2009-0623
http://web.nvd.nist....d=CVE-2009-0624
http://web.nvd.nist....d=CVE-2009-0625

- http://www.cisco.com...-mtgplace.shtml
2009 February 25
http://web.nvd.nist....d=CVE-2009-0614

- http://www.cisco.com...90225-anm.shtml
2009 February 25
http://web.nvd.nist....d=CVE-2009-0615
http://web.nvd.nist....d=CVE-2009-0616
http://web.nvd.nist....d=CVE-2009-0617
http://web.nvd.nist....d=CVE-2009-0618

:!:

Edited by apluswebmaster, 02 March 2009 - 08:49 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#14 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 07 March 2009 - 11:08 AM

FYI...

Cisco 7600 Router DoS vuln - update available
- http://secunia.com/advisories/34113/2/
Release Date: 2009-03-05
Critical: Less critical
Impact: DoS
Where: From local network
Solution Status: Vendor Patch
Solution: Update to Cisco SBC software release 3.0(2).
http://www.cisco.com...sbc-7600-crypto ...
Original Advisory:
http://www.cisco.com...90304-sbc.shtml ...

- http://atlas.arbor.n...dex#-1301369183
March 05, 2009 - ...Analysis: This is a minor issue that could escalate, if sustained traffic were seen, to a major outage for a region. Sites using the SBC module in a 7600 should review this update and apply it as needed...

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#15 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 10 March 2009 - 05:49 AM

FYI...

- http://isc.sans.org/...ml?storyid=5980
Last Updated: 2009-03-09 22:07:42 UTC ...(Version: 4) - "If you have a Cisco IP phone, your DST rollfoward may not have worked, so you might want to rely on a different clock until the issues gets fixed... Update 2: Soon after I published this, Cisco published a patch to fix the issue..."

ciscocm.dst_march_2009.html
- http://www.cisco.com...march_2009.html
****IMPORTANT*****
This patch is a temporary workaround for the March 2009 DST issue.
You must upgrade before November 1, 2009 to a Unified Communications Manager version containing the fix for CSCsy25150 (CUCM is not sending Daylight Saving Time updates):
* http://tools.cisco.c...ugId=CSCsy25150
Installation Instructions for Unified Communications Manager Daylight Savings Time (DST) patch file:
File Name: ciscocm.dst_march_2009.cop.sgn
MD5 Sum: d4:f5:e2:56:29:82:f9:fd:af:44:46:be:2a:e0:8d:f1
1. Ensure that Database Replication is working correctly before installing this file, you can check this from RTMT or Cisco Unified Reporting.
2. Install this file only on the Publisher from the "Install/Upgrade" option under "Cisco Unified Communications Operating System Administration."
3. Wait for 60 seconds.
4. Ensure that Database Replication is working correctly after the installation is complete.
5. Restart Cisco CallManager service on all the nodes in the cluster that are running this service.
***NOTE: If you apply a device pack or other update after applying this patch and before March 15, this patch will need to be re-installed.
When a permanent fix is available for November time change a Field Notice will appear here:
http://www.cisco.com...tices_list.html

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#16 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 17 March 2009 - 06:20 AM

FYI...

Cisco Unified Communications Manager IP Phone PAB Information Disclosure
- http://secunia.com/advisories/34238/
Release Date: 2009-03-12

- http://atlas.arbor.n...ndex#-297480716
March 16, 2009

- http://www.cisco.com...1-cucmpab.shtml
2009 March 11
The following products are vulnerable:
• Cisco Unified CallManager 4.1 versions
• Cisco Unified Communications Manager 4.2 versions prior to 4.2(3)SR4b
• Cisco Unified Communications Manager 4.3 versions prior to 4.3(2)SR1b
• Cisco Unified Communications Manager 5.x versions prior to 5.1(3e)
• Cisco Unified Communications Manager 6.x versions prior to 6.1(3)
• Cisco Unified Communications Manager 7.0 versions prior to 7.0(2)

- http://web.nvd.nist....d=CVE-2009-0632
Last revised: 03/12/2009
CVSS v2 Base Score:9.0 (HIGH)

Cisco Security Advisories
>> http://www.cisco.com...es_listing.html
"Starting on March 26, 2008, Cisco will release bundles of IOS Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.
This schedule change will not restrict us from promptly publishing an individual IOS Security Advisory for a serious vulnerability which is publicly disclosed or for which we are aware of active exploitation..."

:!:

Edited by apluswebmaster, 17 March 2009 - 06:33 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#17 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 25 March 2009 - 05:41 PM

FYI...

Cisco IOS bundled advisories...
- http://www.us-cert.g...curity_advisory
March 25, 2009

- http://www.cisco.com...25-bundle.shtml
March 25, 2009 - "... includes eight Security Advisories. All of the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities in the advisory, and each security advisory also lists recommended releases that correct the vulnerabilities in the other seven advisories. The table in this document lists releases that correct all Cisco IOS Software vulnerabilities that have been published in Cisco Security Advisories on March 25, 2009, or earlier..."

- http://secunia.com/advisories/34438/2/
Release Date: 2009-03-26
Critical: Moderately critical
Impact: Privilege escalation, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco IOS 12.x, Cisco IOS R12.x...
Solution: Please see the following vendor advisory for fixed versions.
http://www.cisco.com...25-bundle.shtml ...

- http://nvd.nist.gov/...e=CVE-2009-0626
- http://nvd.nist.gov/...e=CVE-2009-0628
- http://nvd.nist.gov/...e=CVE-2009-0629
- http://nvd.nist.gov/...e=CVE-2009-0630
- http://nvd.nist.gov/...e=CVE-2009-0631
- http://nvd.nist.gov/...e=CVE-2009-0633
- http://nvd.nist.gov/...e=CVE-2009-0634

:!:

Edited by apluswebmaster, 31 March 2009 - 03:52 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#18 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 09 April 2009 - 06:24 AM

FYI...

Cisco ASA and PIX multiple vulns - update available
- http://secunia.com/advisories/34607/2/
Release Date: 2009-04-09
Critical: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x ...
Solution: Update to the fixed versions (please see the vendor advisory for patch information)...
Original Advisory:
http://www.cisco.com...90408-asa.shtml ...

:!:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#19 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 21 May 2009 - 04:42 AM

FYI...

CiscoWorks TFTP vuln - update available
- http://www.cisco.com...090520-cw.shtml
2009 May 20 - "... CiscoWorks Common Services contains a TFTP directory traversal vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.
Note: Only CiscoWorks Common Services systems that run on Microsoft Windows operating systems are vulnerable. The Solaris version of CiscoWorks Common Services is not affected by this vulnerability...
This vulnerability has been corrected in the following CiscoWorks Common Services software patch: cwcs3.x-win-CSCsx07107-0.zip
The CiscoWorks Common Services patch can be downloaded from the following link:
http://www.cisco.com...l/cw2000-cd-one ..."

- http://cve.mitre.org...e=CVE-2009-1161

- http://www.us-cert.g..._advisory_for10
May 20, 2009

- http://isc.sans.org/...ml?storyid=6424
Last Updated: 2009-05-20 18:38:01 UTC

- http://secunia.com/advisories/35179/2/
Release Date: 2009-05-21
Critical: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information, System access
Where: From local network
Solution Status: Vendor Patch ...

:!:

Edited by apluswebmaster, 21 May 2009 - 05:35 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#20 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 24 June 2009 - 02:16 PM

FYI...

Cisco IOS - HTTP Server vuln
- http://www.cisco.com...1201-http.shtml
Revision 1.2 - Last Updated 2009 June 19 - " A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability...
Vulnerable Products: This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled. A system which contains the IOS HTTP server or HTTP secure server, but does not have it enabled, is not affected.
To determine if the HTTP server is running on your device, issue the show ip http server status and show ip http server secure status commands at the prompt and look for output similar to:
Router>show ip http server status
HTTP server status: Enabled
If the device is not running the HTTP server, you should see output similar to:
Router>show ip http server status
HTTP server status: Disabled
Any version of Cisco IOS prior to the versions which will be listed in the Fixed Software section..."

:!:

Edited by apluswebmaster, 24 June 2009 - 02:18 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#21 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 30 July 2009 - 10:10 AM

FYI...

Cisco IOS vulns...
- http://www.cisco.com...90729-bgp.shtml
Last Updated: 2009 July 30
- http://www.us-cert.g..._advisory_for12

Cisco Wireless LAN Controllers - multiple vulns
- http://www.cisco.com...90727-wlc.shtml
2009 July 27
- http://www.us-cert.g..._advisory_for11

:ph34r: :ph34r:

Edited by apluswebmaster, 30 July 2009 - 11:11 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#22 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 20 August 2009 - 05:48 AM

FYI...

Cisco firewall vuln - update available
- http://secunia.com/advisories/36373/2/
Release Date: 2009-08-20
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch ...
Software: Cisco Firewall Services Module (FWSM) 2.x, Cisco Firewall Services Module (FWSM) 3.x, Cisco Firewall Services Module (FWSM) 4.x
Solution: Update to version 3.1(16), 3.2(13), or 4.0(6).
Users of version 2.x should migrate to either 3.x or 4.x.
Original Advisory: cisco-sa-20090819-fwsm:
http://www.cisco.com...0819-fwsm.shtml
Other References: Cisco Applied Mitigation Bulletin:
http://www.cisco.com...0080af151c.html

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#23 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 26 August 2009 - 09:04 AM

FYI...

> http://atlas.arbor.n...dex#-1060669303

Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
- http://www.cisco.com...90818-bgp.shtml
Last Updated 2009 August 24

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability
- http://www.cisco.com...0819-fwsm.shtml
2009 August 19

Cisco Lightweight Access Point Over-the-Air Provisioning Manipulation Vulnerability
- http://tools.cisco.c...x?alertId=18919
August 25, 2009

:ph34r:

Edited by apluswebmaster, 26 August 2009 - 09:17 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#24 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 09 September 2009 - 07:38 AM

FYI...

Cisco: TCP State Manipulation DoS vulns - Multiple Cisco Products
- http://www.cisco.com...908-tcp24.shtml
2009 September 8 - "Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely... In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system... Cisco has released free software updates that address these vulnerabilities..."
- http://www.cisco.com...-usingswc.shtml

- http://secunia.com/advisories/36618/2/
Release Date: 2009-09-09
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch...

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#25 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 24 September 2009 - 05:13 AM

FYI...

Cisco IOS multiple vulns - updates available
- http://secunia.com/advisories/36835/2/
Release Date: 2009-09-24
Critical: Moderately critical
Impact: Security Bypass, Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch
OS: Cisco IOS 12.x, Cisco IOS R12.x, Cisco IOS XE 2.1.x, Cisco IOS XE 2.2.x, Cisco IOS XE 2.3.x
Solution: Update to a fixed version (please see the vendor's advisories for details)...
Original Advisory:
http://www.cisco.com...90923-cme.shtml
http://www.cisco.com...923-ipsec.shtml
http://www.cisco.com...3-tunnels.shtml
http://www.cisco.com...90923-acl.shtml
http://www.cisco.com...0923-h323.shtml
http://www.cisco.com...90923-sip.shtml
http://www.cisco.com...90923-tls.shtml
http://www.cisco.com...uth-proxy.shtml
http://www.cisco.com...23-ios-fw.shtml
http://www.cisco.com...90923-ntp.shtml
___

Cisco UCM SIP Processing DoS - updates available
- http://secunia.com/advisories/36836/2/
Release Date: 2009-09-24
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Cisco Unified Communications Manager 5.x, Cisco Unified Communications Manager 6.x, Cisco Unified Communications Manager 7.x
Original Advisory:
http://www.cisco.com...090923-cm.shtml
___

Summary of Cisco IOS Software Bundled Advisories
- http://www.cisco.com...23-bundle.shtml
September 23, 2009

:ph34r:

Edited by apluswebmaster, 26 September 2009 - 08:33 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#26 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 17 December 2009 - 12:00 AM

FYI...

Cisco WebEx WRF Player vulns
- http://www.cisco.com...216-webex.shtml
2009 December 16 - "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server... Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution...
(CVE) identifiers:
* CVE-2009-2875
* CVE-2009-2876
* CVE-2009-2877
* CVE-2009-2878
* CVE-2009-2879
* CVE-2009-2880 ...
There are no workarounds for the vulnerabilities disclosed in this advisory... Cisco has released free software updates that address these vulnerabilities..."

- http://isc.sans.org/...ml?storyid=7762
Last Updated: 2009-12-16 20:00:37 UTC

- http://secunia.com/advisories/37810/2/
Release Date: 2009-12-17
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch ...

:ph34r:

Edited by apluswebmaster, 17 December 2009 - 06:53 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#27 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 23 January 2010 - 09:29 AM

FYI...

Cisco IOS / DoS vuln - update available
- http://secunia.com/advisories/38227/2/
Release Date: 2010-01-21
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco IOS XR 3.x ...
Solution: Update to fixed versions. Please see the vendor's advisory for details.
Original Advisory: Cisco:
http://www.cisco.com...20-xr-ssh.shtml

- http://atlas.arbor.n...ndex#1942399210

Cisco InternetWork Performance Monitor GIOP Request Buffer Overflow
- http://secunia.com/advisories/38230/2/
Last Update: 2010-01-22
Critical: Moderately critical
Impact: DoS, System access
Where: From local network
Solution: Contact the vendor for instructions on migrating to non-vulnerable software
(please see the vendor advisory for details).
Restrict network access to an affected system.
Original Advisory: Cisco:
http://www.cisco.com...00120-ipm.shtml

:ph34r:

Edited by apluswebmaster, 23 January 2010 - 09:33 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#28 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 28 January 2010 - 08:42 AM

FYI...

Cisco Unified MeetingPlace - multiple vulns
- http://secunia.com/advisories/38259/2/
Release Date: 2010-01-28
Critical: Moderately critical
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, Privilege escalation
Where: From remote
Solution Status: Vendor Patch
Software: Cisco Unified MeetingPlace 5.x, Cisco Unified MeetingPlace 6.x, Cisco Unified MeetingPlace 7.x
Solution: Update to the latest version.
http://tools.cisco.c...mdfid=278785523
Original Advisory:
http://www.cisco.com...100127-mp.shtml

- http://securitytrack...an/1023511.html
CVE Reference: CVE-2010-0139, CVE-2010-0140, CVE-2010-0141, CVE-2010-0142
Date: Jan 27 2010

- http://nvd.nist.gov/...e=CVE-2010-0139
- http://nvd.nist.gov/...e=CVE-2010-0140
- http://nvd.nist.gov/...e=CVE-2010-0141
- http://nvd.nist.gov/...e=CVE-2010-0142

- http://www.us-cert.g..._advisory_for16
January 28, 2010

Multiple Vulnerabilities in Cisco Unified MeetingPlace
- http://atlas.arbor.n...ndex#-478562949
Severity: Elevated Severity
Published: Friday, January 29, 2010 19:03
"Multiple issues have been found and fixed in Cisco Unified MeetingPlace versions 5, 6, and 7. These bugs could allow for SQL injection, privilege escalation, account enumeration, and unauthorized new account creation. Cisco has made updated software available to their customers to address these issues.
Analysis: Sites using Cisco Unified MeetingPlace should review this update and apply the updates soon."

:ph34r:

Edited by apluswebmaster, 01 February 2010 - 11:00 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#29 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 02 February 2010 - 09:33 AM

FYI...

Cisco Secure Desktop vuln - update available
- http://secunia.com/advisories/38397/2/
Release Date: 2010-02-02
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 8.x
Software: Cisco Secure Desktop 3.x
Solution: Update to fixed versions:
Cisco Secure Desktop: Update to version 3.5.
Cisco ASA 5500 Series Adaptive Security Appliances:
Update to version 8.2(1), 8.1(2.7), or 8.0(5)
Original Advisory: Cisco:
http://tools.cisco.c...x?alertId=19843

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#30 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 17 February 2010 - 05:41 PM

FYI...

Cisco Releases Multiple Security Advisories
- http://www.us-cert.g...rity_advisories
February 17, 2010
> http://www.cisco.com...080b1910e.shtml
Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service condition.
> http://www.cisco.com...080b1910c.shtml
Security advisory, cisco-sa-20100217-asa, addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. These vulnerabilities may allow an attacker to gain unauthorized access to an affected system or cause a denial-of-service condition.
> http://www.cisco.com...080b1910d.shtml
Security advisory, cisco-sa-20100217-csa, addresses multiple vulnerabilities in the Cisco Security Agent. These vulnerabilities may allow an attacker to execute arbitrary SQL commands, view and download arbitrary files, or cause a denial-of-service condition...

- http://atlas.arbor.n...ndex#1477198596
February 17, 2010

Cisco PIX 500
- http://secunia.com/advisories/38636

Cisco Firewall Services Module
- http://secunia.com/advisories/38621/

Cisco ASA 5500
- http://secunia.com/advisories/38618/

:ph34r:

Edited by apluswebmaster, 18 February 2010 - 06:40 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#31 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 04 March 2010 - 07:36 AM

FYI...

Cisco - multiple advisories...
- http://www.us-cert.g...rity_advisories
March 4, 2010

- http://secunia.com/advisories/38799/
Release Date: 2010-03-04
Criticality level: Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status: Vendor Patch
Operating System: Cisco Digital Media Player 5.x
Original Advisory:
http://www.cisco.com...00303-dmp.shtml

- http://secunia.com/advisories/38754/
Release Date: 2010-03-04
Criticality level: Moderately critical
Impact: DoS
Solution Status: Vendor Patch
Software: Cisco Unified Communications Manager 4.x, Cisco Unified Communications Manager 6.x, Cisco Unified Communications Manager 7.x
Original Advisory:
http://www.cisco.com...0303-cucm.shtml

- http://secunia.com/advisories/38824/
Software: Cisco Unified Communications Manager 5.1 reached the End of Software Maintenance on 2010-02-13...
Original Advisory:
http://www.cisco.com...0303-cucm.shtml

:ph34r:

Edited by apluswebmaster, 05 March 2010 - 12:42 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#32 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 24 March 2010 - 09:10 PM

FYI...

Cisco - 7 security updates
- http://isc.sans.org/...ml?storyid=8488
Last Updated: 2010-03-24 22:52:39 UTC - "... information at their site:
- http://www.cisco.com...es_listing.html ..."
24-March-2010 16:00 GMT

- http://www.cisco.com...080b20ee1.shtml
2010 March 24 1600 UTC

- http://atlas.arbor.n...ndex#1182447196
March 24, 2010 - "... Cisco has released 7 security bulletins for its IOS, IOS XR, and CUCM product features, all of which are denial of service issues..."

- http://web.nvd.nist....d=CVE-2010-0584
Last revised: 03/26/2010
CVSS v2 Base Score: 7.8 (HIGH)

:ph34r:

Edited by apluswebmaster, 28 March 2010 - 05:02 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#33 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 16 April 2010 - 05:22 AM

FYI...

Cisco Secure Desktop vuln - update available
- http://secunia.com/advisories/39459/
Release Date: 2010-04-15
Criticality level: Highly critical
Impact: System access
Solution Status: Vendor Patch
Software: Cisco Secure Desktop 3.x, Cisco Secure Desktop Installer ActiveX Control 1.x
CVE Reference: CVE-2010-0589
Original Advisory: Cisco:
http://www.cisco.com...00414-csd.shtml

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#34 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 14 May 2010 - 08:23 AM

FYI...

Cisco PGW vulns - updates available
- http://www.cisco.com...00512-pgw.shtml
2010 May 12 - "Multiple vulnerabilities exist in the Cisco PGW 2200 Softswitch series of products... Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities... All vulnerabilities listed in this Security Advisory are addressed in Cisco PGW 2200 Softswitch version 9.7(3)S11, version 9.8(1)S5, and subsequent, software releases..."

- http://www.cisco.com...es_listing.html

- http://atlas.arbor.n...dex#-1480011314
May 12, 2010 - Elevated Severity - "Analysis: This is a big set of medium risk vulnerabilities. We encourage sites using the PGW 2200 to update soon to address them."

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#35 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 27 May 2010 - 03:43 AM

FYI...

Cisco Network Building Mediator - updates available
- http://www.cisco.com...-mediator.shtml
May 26, 2010 - "These vulnerabilities affect the legacy Richards-Zeta Mediator 2500 product and Cisco Network Building Mediator NBM-2400 and NBM-4800 models. All Mediator Framework software releases prior to 3.1.1 are affected by all vulnerabilities listed in this security advisory... Fixed 3.1.1 and 3.0.9 Mediator Framework software can be downloaded from the Software Center... by visiting http://www.cisco.com...load/index.html and navigating to Physical Security and Building Systems > Smart Connected Buildings > Cisco Network Building Mediator. To obtain fixed 1.5.1 and 2.2 Mediator Framework software and configTOOL version 3.1.0b1 contact Cisco TAC... There are no workarounds for these vulnerabilities..."

- http://securitytrack...ay/1024027.html
May 26 2010

:ph34r:

Edited by apluswebmaster, 27 May 2010 - 09:38 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#36 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 26 June 2010 - 06:36 AM

FYI...

Cisco Application Extension Platform (AXP) 1.1 and 1.1.5
allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
- http://web.nvd.nist....d=CVE-2010-1572
Last revised: 06/17/2010
CVSS v2 Base Score: 9.0 (HIGH)
Type: Advisory; Patch Information
- http://www.cisco.com...080b3290b.shtml

Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2)
unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
- http://web.nvd.nist....d=CVE-2010-1571
Last revised: 06/17/2010
CVSS v2 Base Score: 7.8 (HIGH)
Type: Advisory; Patch Information
- http://www.cisco.com...080b2f110.shtml

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#37 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 12 July 2010 - 09:15 AM

FYI...

- http://www.cisco.com...0707-snmp.shtml
2010 July 07 - "Summary: Cisco Industrial Ethernet 3000 (IE 3000) Series switches running Cisco IOS® Software releases 12.2(52)SE or 12.2(52)SE1, contain a vulnerability where well known SNMP community names are hard-coded for both read and write access. The hard-coded community names are "public" and "private." Cisco recommends that all administrators deploy the mitigation measures outlined in the Workarounds section or perform a Cisco IOS Software upgrade... Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available...
Impact: Successful exploitation of the vulnerability could result in an attacker obtaining full control of the device..."
- http://web.nvd.nist....d=CVE-2010-1574
CVSS v2 Base Score: 10.0 (HIGH)
- http://www.kb.cert.org/vuls/id/732671
Date Last Updated: 2010-07-12

- http://www.vsecurity...ory/20100702-1/
2010-07-02 "... Cisco CSS 11500 Series Content Services Switch... implement more stringent request validation and/or corrections when receiving requests which do not utilize HTTP-compliant newlines... Three primary approaches are possible..."
- http://www.securityf.../100/0/threaded
- http://web.nvd.nist....d=CVE-2010-1575
- http://web.nvd.nist....d=CVE-2010-1576
- http://web.nvd.nist....d=CVE-2010-2629
CVSS v2 Base Score: 7.5 (HIGH)

:!: :!:

Edited by apluswebmaster, 13 July 2010 - 06:50 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#38 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 22 July 2010 - 05:28 AM

FYI...

Cisco CDS vuln - update available
- http://secunia.com/advisories/40701/
Release Date: 2010-07-22
Criticality level: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information
Where: From remote
Software: Cisco Content Delivery System 2.x
CVE Reference: CVE-2010-1577
... The vulnerability is reported in versions 2.2.x, 2.3.x, 2.4.x, and 2.5.x.
Solution: Update to version 2.5.7 or later.
Original Advisory: Cisco:
http://www.cisco.com...721-spcdn.shtml
Last Updated: 2010 July 29 Revision 1.1 - "Updated Details and Workaround sections..."

- http://www.cisco.com...es_listing.html
29-July-2010

- http://atlas.arbor.net/briefs/
July 23, 2010

:!:

Edited by apluswebmaster, 30 July 2010 - 10:54 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#39 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 04 August 2010 - 04:00 PM

FYI...

Multiple Cisco Advisories
- http://isc.sans.edu/...ml?storyid=9331
Last Updated: 2010-08-04 18:35:02 UTC

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances, impact is DoS.
Advisory ID: cisco-sa-20100804-asa
http://www.cisco.com...00804-asa.shtml

- http://securitytrack...ug/1024279.html
Aug 4 2010

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module, impact is DoS.
Advisory ID: cisco-sa-20100804-fwsm
http://www.cisco.com...0804-fwsm.shtml

- http://securitytrack...ug/1024280.html
Aug 4 2010

:ph34r:

Edited by apluswebmaster, 06 August 2010 - 09:58 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#40 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 13 August 2010 - 04:53 AM

FYI...

- http://www.cisco.com...es_listing.html

- http://tools.cisco.c...y/center/home.x

- http://tools.cisco.c...viewAllSearch.x

Cisco ACE vuln - update available
- http://www.cisco.com...00811-ace.shtml
2010 August 11 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine contain the following DoS vulnerabilities:
• Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability
• HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS vulnerability
• Secure Socket Layer (SSL) DoS vulnerability
• SIP inspection DoS vulnerability
Cisco has released free software updates for affected customers. Workarounds that mitigate some of the vulnerabilities are available.
Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another..."

Cisco WCS SQL Injection - update available
- http://www.cisco.com...00811-wcs.shtml
2010 August 11 - "Cisco Wireless Control System (WCS) contains a SQL injection vulnerability that could allow an authenticated attacker full access to the vulnerable device, including modification of system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability..."

Cisco IOS TCP vuln
- http://secunia.com/advisories/40958/
Release Date: 2010-08-13
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Operating System: Cisco IOS 15.0
CVE Reference: CVE-2010-2827
Original Advisory:
- http://www.cisco.com...00812-tcp.shtml

- http://securitytrack...ug/1024322.html
- http://securitytrack...ug/1024321.html
- http://securitytrack...ug/1024335.html

:!: :!: :!:

Edited by apluswebmaster, 13 August 2010 - 05:07 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#41 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 26 August 2010 - 05:36 AM

FYI...

- http://www.cisco.com...es_listing.html

Cisco UCM updated
- http://secunia.com/advisories/41100/
Release Date: 2010-08-26
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Cisco Unified Communications Manager 6.x, 7.x, 8.x
CVE Reference(s): CVE-2010-2837, CVE-2010-2838
Original Advisory: cisco-sa-20100825-cucm:
http://www.cisco.com...0825-cucm.shtml

Cisco Unified Presence updated
- http://secunia.com/advisories/41070/
Release Date: 2010-08-26
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Cisco Unified Presence 6.x, Cisco Unified Presence 7.x
CVE Reference(s): CVE-2010-2839, CVE-2010-2840
... The vulnerabilities are reported in versions prior to 6.0( 7 ) and 7.0( 8 ).
Solution: Update to version 6.0( 7 ) or 7.0( 8 ).
Original Advisory: cisco-sa-20100825-cup:
http://www.cisco.com...00825-cup.shtml

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#42 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 30 August 2010 - 06:19 AM

FYI...

- http://www.cisco.com...es_listing.html

Cisco IOS XR Software BGP vuln
- http://secunia.com/advisories/41190/
Release Date: 2010-08-30
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Operating System: Cisco IOS XR 3.x
CVE Reference: http://web.nvd.nist....d=CVE-2010-3035
Original Advisory
- http://www.cisco.com...00827-bgp.shtml
Revision 1.4 - Last Updated 2010 September 01 - "... Impact: Successful exploitation of these vulnerabilities may result in the continuous resetting of BGP peering sessions. This may lead to routing inconsistencies and a denial of service for those affected networks..."
http://www.cisco.com....html#wp1118699

- http://securitytrack...ug/1024371.html
Aug 28 2010

:ph34r:

Edited by apluswebmaster, 01 September 2010 - 10:24 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#43 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 08 September 2010 - 12:09 PM

FYI...

- http://www.cisco.com...es_listing.html

Cisco Applied Mitigation Bulletins
- http://tools.cisco.c...ter/searchAIR.x
Last updated: 08 Sep 2010

Cisco Wireless LAN Controllers - multiple vulns...
- http://cisco.com/war...00908-wlc.shtml
2010 September 08 - "Summary:
The Cisco Wireless LAN Controller (WLC) product family is affected by these vulnerabilities:
• Two denial of service (DoS) vulnerabilities
• Three privilege escalation vulnerabilities
• Two access control list (ACL) bypass vulnerabilities
Note: These vulnerabilities are independent of one another. A device may be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these vulnerabilities.
There are no workarounds to mitigate these vulnerabilities..."
(See "Affected Products" and "Software Versions and Fixes"...)

- http://secunia.com/advisories/41357/
Release Date: 2010-09-09
Impact: Security Bypass, Privilege escalation, DoS
Where: From local network
... The vulnerabilities are reported in the following products:
* Cisco 2000 Series WLCs
* Cisco 2100 Series WLCs
* Cisco 4100 Series WLCs
* Cisco 4400 Series WLCs
* Cisco 5500 Series WLCs
* Cisco Wireless Services Modules (WiSMs)
* Cisco WLC Modules for Integrated Services Routers (ISRs)
* Cisco Catalyst 3750G Integrated WLCs
Solution: Update to a fixed version (Please see vendor's advisory for details).
Original Advisory: cisco-sa-20100908-wlc:
http://www.cisco.com...00908-wlc.shtml

- http://securitytrack...ep/1024408.html
Sep 8 2010

:ph34r:

Edited by apluswebmaster, 09 September 2010 - 09:58 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#44 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 23 September 2010 - 05:16 AM

FYI...

Summary of Cisco IOS Software Bundled Advisories, September 22, 2010
- http://www.cisco.com...080b4a315.shtml

- http://www.cisco.com..._ERP_sep10.html

- http://www.securityt....com/id?1024470
- http://www.securityt....com/id?1024471
- http://www.securityt....com/id?1024472
- http://www.securityt....com/id?1024473
- http://www.securityt....com/id?1024474
- http://www.securityt....com/id?1024475
Sep 22 2010

- http://secunia.com/advisories/41437/
- http://secunia.com/advisories/41513/
- http://secunia.com/advisories/41539/
- http://secunia.com/advisories/41549/
- http://secunia.com/advisories/41551/
- http://secunia.com/advisories/41552/
2010-09-23

:ph34r:

Edited by apluswebmaster, 23 September 2010 - 08:37 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#45 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 28 October 2010 - 07:58 AM

FYI...

CiscoWorks vuln - updates available
- http://www.cisco.com...101027-cs.shtml
2010 October 27 - "CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability..."

- http://www.cisco.com...es_listing.html

- http://secunia.com/advisories/42011/
Release Date: 2010-10-28
Criticality level: Moderately critical
Impact: System access
Where: From local network
CVE Reference: CVE-2010-3036
Solution: Upgrade to Common Services version 4.0 or apply patches.
Original Advisory: Cisco:
http://www.cisco.com...101027-cs.shtml

- http://www.securityt....com/id?1024646
Oct 27 2010

:ph34r:

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#46 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 08 November 2010 - 07:44 AM

FYI...

- http://www.cisco.com...es_listing.html

CiscoWorks Common Services vuln - updates available
- http://www.cisco.com...101027-cs.shtml
Revision 1.2 - Updated: Nov 05, 2010 - "CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. Mitigations that limit the attack surface of this vulnerability are available... The vulnerability could be exploited over TCP port 443 or 1741.
Note: The default HTTP and HTTPS ports can be reconfigured on the server.
The vulnerability affects both CiscoWorks Common Services for Oracle Solaris and Microsoft Windows..."

Cisco UCM vuln - update available
- http://secunia.com/advisories/42129/
Release Date: 2010-11-08
Impact: Privilege escalation
Solution Status: Vendor Patch
Original Advisory: Cisco:
- http://tools.cisco.c...x?alertId=21656

- http://www.securityt....com/id?1024694
Nov 8 2010
- http://www.securityt....com/id?1024693
Nov 8 2010

:ph34r: :ph34r:

Edited by AplusWebMaster, 08 November 2010 - 07:47 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#47 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 24 November 2010 - 08:18 AM

FYI...

Cisco UVC VxWorks - multiple vulns
- http://www.securityt....com/id?1024753
Nov 17 2010 - "... Solution: No solution was available at the time of this entry. The vendor has described some mitigation steps in their advisory.
The vendor's advisory is available at:
http://www.cisco.com...-cuvc.shtml#add
2010 November 17 - "... Administrators can mitigate these vulnerabilities by limiting access to Cisco UVC web server to trusted hosts by disabling FTP, SSH, and Telnet services and by setting the "Security mode" field in the "Security" section of the Cisco UVC web GUI to "Maximum"..."

- http://www.cisco.com....html#wp1690479

- http://secunia.com/advisories/42248/
Release Date: 2010-11-18
Impact: Hijacking, Exposure of sensitive information, Privilege escalation, System access
Where: From local network
Solution Status: Unpatched ...
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2010-3037
Last revised: 11/23/2010
CVSS v2 Base Score: 8.5 (HIGH)
- http://web.nvd.nist....d=CVE-2010-3038
Last revised: 11/23/2010
CVSS v2 Base Score: 10.0 (HIGH)

:ph34r: :ph34r:

Edited by AplusWebMaster, 27 November 2010 - 12:21 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#48 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 17 January 2011 - 07:18 PM

FYI...

Cisco IOS multiple flaws...
- http://www.securityt....com/id?1024964
Jan 17 2011
CVE Reference: CVE-2009-5038, CVE-2009-5039, CVE-2009-5040, CVE-2010-4671, CVE-2010-4683, CVE-2010-4684, CVE-2010-4685, CVE-2010-4686, CVE-2010-4687
Solution: The vendor has issued a fix (15.0(1)XA5)...
- http://secunia.com/advisories/42917/
-- http://www.cisco.com..._XA/rn800xa.pdf

Cisco ASA multiple flaws...
- http://www.securityt....com/id?1024963
Jan 17 2011
CVE Reference: CVE-2009-5037, CVE-2010-4670, CVE-2010-4672, CVE-2010-4673, CVE-2010-4674, CVE-2010-4675, CVE-2010-4676, CVE-2010-4677, CVE-2010-4678, CVE-2010-4679, CVE-2010-4680, CVE-2010-4681, CVE-2010-4682, CVE-2010-4688, CVE-2010-4689, CVE-2010-4690, CVE-2010-4691
Solution: The vendor has issued a fix (8.3(2))...
- http://secunia.com/advisories/42931/
-- http://www.cisco.com...es/asarn82.html
-- http://www.cisco.com...es/asarn83.html
- http://secunia.com/advisories/42942/
-- http://www.cisco.com...es/asarn82.html

- http://www.cisco.com...es_listing.html
___

- http://web.nvd.nist....d=CVE-2011-0935
Last revised:04/14/2011
"... PKI functionality in Cisco IOS 15.0 and 15.1... different vulnerability than CVE-2010-4685*..."
CVSS v2 Base Score: 10.0 (HIGH)
CVSS score derived from:

http://www.cisco.com...ts_15_1_2s.html

* http://web.nvd.nist....d=CVE-2010-4685

:!: :ph34r:

Edited by AplusWebMaster, 20 April 2011 - 07:35 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#49 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 26 January 2011 - 09:31 PM

FYI...

Cisco Content Services Gateway - updates available
- http://secunia.com/advisories/43052/
Release Date: 2011-01-26
Criticality level: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
CVE Reference(s): CVE-2011-0348, CVE-2011-0349, CVE-2011-0350
Solution/Original Advisory: cisco-sa-20110126-csg2:
http://www.cisco.com...080b6791d.shtml

- http://www.cisco.com...es_listing.html

- http://www.securityt....com/id/1024992
Jan 26 2011

:ph34r:

Edited by AplusWebMaster, 28 January 2011 - 05:24 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#50 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,039 posts

Posted 03 February 2011 - 07:00 AM

FYI...

- http://www.cisco.com...es_listing.html

Cisco / Tandberg E, EX and C Series Endpoints vuln...
- http://www.cisco.com...080b69541.shtml
2011 February 2 - "... Tandberg devices are part of the Cisco TelePresence Systems that provide Cisco TelePresence endpoints for immersive environments, conference rooms, individual desktops and home offices. The C Series Endpoints are typically deployed as Multipurpose Room Systems and the E/EX Personal Video units are desktop devices. These devices contain a root user that is enabled for advanced debugging that is unnecessary during normal operations. The root account is not the same as the admin and user accounts. The root user is enabled by default in software versions prior to TC 4.0.0. The default configuration prior to TC 4.0.0 does not set a password for the root user. When a device is upgraded to TC 4.0.0, the root user is disabled. System software for Tandberg C Series Endpoints and E/EX Personal Video units is available for download at:
http://www.tandberg....ownload.jsp?t=2
For instructions on how to set a root password or disable the root user on other software versions, see the workaround section of this advisory. This vulnerability has been assigned the CVE ID CVE-2011-0354..."
- http://secunia.com/advisories/43158/
Release Date: 2011-02-03
Criticality level: Moderately critical
Impact: System access
Where: From local network
... The security issue is reported in versions prior to TC 4.0.0...

- http://www.securityt....com/id/1025017
Feb 2 2011
___

Cisco WebEx player vulns...
- http://www.cisco.com...201-webex.shtml
2011 February 1 - "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user... Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur... These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers: CVE-2010-3269, CVE-2010-3041, CVE-2010-3042, CVE-2010-3043, CVE-2010-3044
...If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server. If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from http://www.webex.com...loadplayer.html ..."
- http://secunia.com/advisories/43122/
Last Update: 2011-02-03
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to build T27LC SP22 and T27LB SP21 EP3...

- http://www.securityt....com/id/1025015
- http://www.securityt....com/id/1025016
Feb 1 2011

:!: :!:

Edited by AplusWebMaster, 03 February 2011 - 07:43 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button