• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
AplusWebMaster

Cisco advisories/updates

288 posts in this topic

FYI...

 

SNMP v3 authentication vuln

- http://www.cisco.com/warp/public/707/cisco...3.shtml#summary

2008 June 10 - "...Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available.."

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IPS vuln - update available

- http://isc.sans.org/diary.html?storyid=4591

Last Updated: 2008-06-18 17:57:48 UTC - "Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames... Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability. This advisory is posted here*."

* http://www.cisco.com/warp/public/707/cisco...s.shtml#summary

2008 June 18 - "...vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation... Cisco IPS versions are affected:

* Cisco Intrusion Prevention System version 5.x prior to 5.1(8)E2

* Cisco Intrusion Prevention System version 6.x prior to 6.0(5)E2 ..."

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2060

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Multiple Cisco Products DoS vuln

- http://atlas.arbor.net/briefs/index#-673272965

Severity: Elevated Severity - July 02, 2008 - "Multiple vulnerabilities in Cisco products have been found, which can be exploited to crash the application or cause a DoS because of a vulnerability in a third party cryptographic library. Fixes are available. No known exploits are available.

Analysis: The issue occurs when parsing a crafted Abstract Syntax Notation One (ASN.1) object. In certain cases, an attacker can trigger this vulnerability without a valid certificate or authentication. The vulnerable products are Cisco IOS, Cisco IOS XR, Cisco PIX and ASA Security Appliances, Cisco Firewall Service Module (FWSM) and Cisco Unified CallManager.

Source: Vulnerability In Crypto Library:

- http://www.cisco.com/en/US/products/produc...0809bb300.shtml

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

- http://www.cisco.com/warp/public/707/cisco...s.shtml#details

2008 July 08 - "...The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:

* Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854 (registered customers only) .

* Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298 (registered customers only) .

* Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930 (registered customers only) .

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447..."

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447

 

//

Share this post


Link to post
Share on other sites

FYI...

 

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

- http://www.cisco.com/warp/public/707/cisco...s.shtml#summary

Updated 2008 July 29 - "Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected. Cisco has released free software updates* that address these vulnerabilities..."

* http://www.cisco.com/warp/public/707/cisco....shtml#software

 

//

Share this post


Link to post
Share on other sites

FYI...

 

WebEx Meeting Mgr...

- http://www.cisco.com/warp/public/707/cisco...814-webex.shtml

Last Updated 2008 August 15 - "...A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine...

The WebEx Meeting Manager downloads several components to meeting participants before they join a WebEx meeting. The vulnerability in this Security Advisory affects the atucfobj.dll library...

 

- http://www.kb.cert.org/vuls/id/661827

08/15/2008 - "...Solution: The Cisco Security Advisory indicates that WebEx meeting participants will automatically receive a fixed version of atucfobj.dll when they join a meeting on a server with fixed software. Version 26.49.9.2838 is the first fixed version for WBS 26 users..."

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3558

Last revised: 8/11/2008

 

//

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco WebEx Meeting Manager Drive-By Exploit

- https://forums.symantec.com/syment/blog/art...sage.uid=345462

08-22-2008 07:08 PM - "On August 20, our honeypots began to receive attacks against the Cisco WebEx Meeting Manager vulnerability. This August 6 vulnerability exists in the ActiveX control used by WebEx to permit users to participate in meetings via Internet Explorer. Users running the vulnerable version of the Webex control who happened upon a Web site distributing the exploit would become infected. The first exploits that we have seen so far have been served via gaming sites that have had the exploit package injected on to them. While WebEx will automatically patch each user when they join a meeting hosted on a patched server, this vulnerability is only two weeks old. Many vulnerable users may have been on holidays, making it reasonably likely that some users will become infected by visiting day-to-day Web sites before their next WebEx meeting..."

 

//

Share this post


Link to post
Share on other sites

FYI...

 

Cisco ASA and PIX multiple vulns

- http://secunia.com/advisories/31730/

Release Date: 2008-09-04

Critical: Moderately critical

Impact: Exposure of sensitive information, DoS

Where: From remote

Solution Status: Vendor Patch

OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x

...The vulnerability is reported in Cisco ASA devices running software versions 8.0 or 8.1 with clientless VPNs enabled. Cisco ASA devices that run software versions 7.0, 7.1, or 7.2 are not affected.

Solution: Update to fixed versions (please see the vendor's advisory for details).

Provided and/or discovered by: Reported by the vendor.

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco...80903-asa.shtml

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2732

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2733

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2734

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2735

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2736

 

//

 

Cisco Secure ACS EAP DoS

- http://secunia.com/advisories/31731/

Release Date: 2008-09-04

Critical: Less critical

Impact: DoS

Where: From local network

Solution Status: Vendor Patch

OS: Cisco Secure ACS Solution Engine 3.x, Cisco Secure ACS Solution Engine 4.x ...

Solution: Apply patches. Please see the vendor advisory for details...

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco...903-csacs.shtml

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2441

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco - multiple alerts

- http://www.us-cert.gov/current/#cisco_rele...security_alerts

September 24, 2008 - "Cisco has released multiple security alerts to address vulnerabilities in the Unified Communications Manager and IOS. These vulnerabilities may allow a remote unauthenticated attacker to cause a denial-of-service condition, obtain sensitive information, or operate with escalated privileges..."

 

Direct links available here:

- http://www.cisco.com/en/US/products/produc...es_listing.html

(See those dtd. 24-Sept-2008)

 

Cisco IOS multiple vulnerabilities

- http://secunia.com/advisories/31990/

Release Date: 2008-09-25

Critical: Moderately critical

 

ISC analysis

- http://isc.sans.org/diary.html?storyid=5078

Last Updated: 2008-09-26 03:16:41 UTC

 

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-2739

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3798

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3800

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3801

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3802

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3803

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3804

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3805

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3806

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3807

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3808

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3809

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3810

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3811

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3812

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2008-3813

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product

- http://www.us-cert.gov/current/#cisco_rele...y_advisory_for5

January 15, 2009 - "Cisco has released a Security Advisory* to address multiple vulnerabilities in the IronPort Encryption Appliance and the IronPort PXE Encryption product. These vulnerabilities may allow an unauthorized attacker to view the contents of secure email messages or gain access to the IronPort Encryption Appliance administration interface..."

* http://www.cisco.com/warp/public/707/cisco...t.shtml#details

 

- http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0053

- http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0054

- http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0055

- http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0056

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Security Manager vuln - update available

- http://www.cisco.com/warp/public/707/cisco...90121-csm.shtml

2009 January 21

 

- http://www.us-cert.gov/current/#cisco_rele...y_advisory_for6

 

Cisco Unified Communications Manager CAPF vuln - update available

- http://www.cisco.com/warp/public/707/cisco...-cucmcapf.shtml

2009 January 21

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco wireless LANs multiple vulns - updates available

- http://www.cisco.com/warp/public/707/cisco...90204-wlc.shtml

2009 February 04 - "Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers (WLCs), Cisco Catalyst 6500 Wireless Services Modules (WiSMs), and Cisco Catalyst 3750 Integrated Wireless LAN Controllers. This security advisory outlines details of the following vulnerabilities:

* Denial of Service Vulnerabilities (total of three)

* Privilege Escalation Vulnerability

These vulnerabilities are independent of each other. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities..."

- Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml

 

- http://secunia.com/advisories/33749/

...CVE reference:

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0058

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0059

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0061

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0062

 

:!: :ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Security Advisory - multiple vulns...

- http://www.cisco.com/warp/public/707/cisco...90225-ace.shtml

2009 February 25 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco ACE Module and Cisco ACE 4710 Application Control Engine contain multiple vulnerabilities that, if exploited, can result in any of the following impacts:

• Administrative level access via default user names and passwords

• Privilege escalation

• A denial of service (DoS) condition

Cisco has released free software updates available for affected customers. Workarounds that mitigate some of the vulnerabilities are available..."

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0620

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0621

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0622

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0623

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0624

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0625

 

- http://www.cisco.com/warp/public/707/cisco...-mtgplace.shtml

2009 February 25

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0614

 

- http://www.cisco.com/warp/public/707/cisco...90225-anm.shtml

2009 February 25

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0615

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0616

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0617

http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0618

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco 7600 Router DoS vuln - update available

- http://secunia.com/advisories/34113/2/

Release Date: 2009-03-05

Critical: Less critical

Impact: DoS

Where: From local network

Solution Status: Vendor Patch

Solution: Update to Cisco SBC software release 3.0(2).

http://www.cisco.com/pcgi-bin/tablebuild.pl/sbc-7600-crypto ...

Original Advisory:

http://www.cisco.com/warp/public/707/cisco...90304-sbc.shtml ...

 

- http://atlas.arbor.net/briefs/index#-1301369183

March 05, 2009 - ...Analysis: This is a minor issue that could escalate, if sustained traffic were seen, to a major outage for a region. Sites using the SBC module in a 7600 should review this update and apply it as needed...

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

- http://isc.sans.org/diary.html?storyid=5980

Last Updated: 2009-03-09 22:07:42 UTC ...(Version: 4) - "If you have a Cisco IP phone, your DST rollfoward may not have worked, so you might want to rely on a different clock until the issues gets fixed... Update 2: Soon after I published this, Cisco published a patch to fix the issue..."

 

ciscocm.dst_march_2009.html

- http://www.cisco.com/web/software/28220470...march_2009.html

****IMPORTANT*****

This patch is a temporary workaround for the March 2009 DST issue.

You must upgrade before November 1, 2009 to a Unified Communications Manager version containing the fix for CSCsy25150 (CUCM is not sending Daylight Saving Time updates):

* http://tools.cisco.com/Support/BugToolKit/...ugId=CSCsy25150

Installation Instructions for Unified Communications Manager Daylight Savings Time (DST) patch file:

File Name: ciscocm.dst_march_2009.cop.sgn

MD5 Sum: d4:f5:e2:56:29:82:f9:fd:af:44:46:be:2a:e0:8d:f1

1. Ensure that Database Replication is working correctly before installing this file, you can check this from RTMT or Cisco Unified Reporting.

2. Install this file only on the Publisher from the "Install/Upgrade" option under "Cisco Unified Communications Operating System Administration."

3. Wait for 60 seconds.

4. Ensure that Database Replication is working correctly after the installation is complete.

5. Restart Cisco CallManager service on all the nodes in the cluster that are running this service.

***NOTE: If you apply a device pack or other update after applying this patch and before March 15, this patch will need to be re-installed.

When a permanent fix is available for November time change a Field Notice will appear here:

http://www.cisco.com/en/US/products/sw/voi...tices_list.html

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Unified Communications Manager IP Phone PAB Information Disclosure

- http://secunia.com/advisories/34238/

Release Date: 2009-03-12

 

- http://atlas.arbor.net/briefs/index#-297480716

March 16, 2009

 

- http://www.cisco.com/warp/public/707/cisco...1-cucmpab.shtml

2009 March 11

The following products are vulnerable:

• Cisco Unified CallManager 4.1 versions

• Cisco Unified Communications Manager 4.2 versions prior to 4.2(3)SR4b

• Cisco Unified Communications Manager 4.3 versions prior to 4.3(2)SR1b

• Cisco Unified Communications Manager 5.x versions prior to 5.1(3e)

• Cisco Unified Communications Manager 6.x versions prior to 6.1(3)

• Cisco Unified Communications Manager 7.0 versions prior to 7.0(2)

 

- http://web.nvd.nist.gov/view/vuln/detail?v...d=CVE-2009-0632

Last revised: 03/12/2009

CVSS v2 Base Score:9.0 (HIGH)

 

Cisco Security Advisories

>> http://www.cisco.com/en/US/products/produc...es_listing.html

"Starting on March 26, 2008, Cisco will release bundles of IOS Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.

This schedule change will not restrict us from promptly publishing an individual IOS Security Advisory for a serious vulnerability which is publicly disclosed or for which we are aware of active exploitation..."

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS bundled advisories...

- http://www.us-cert.gov/current/#cisco_rele...curity_advisory

March 25, 2009

 

- http://www.cisco.com/warp/public/707/cisco...25-bundle.shtml

March 25, 2009 - "... includes eight Security Advisories. All of the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities in the advisory, and each security advisory also lists recommended releases that correct the vulnerabilities in the other seven advisories. The table in this document lists releases that correct all Cisco IOS Software vulnerabilities that have been published in Cisco Security Advisories on March 25, 2009, or earlier..."

 

- http://secunia.com/advisories/34438/2/

Release Date: 2009-03-26

Critical: Moderately critical

Impact: Privilege escalation, DoS

Where: From remote

Solution Status: Vendor Patch

OS: Cisco IOS 12.x, Cisco IOS R12.x...

Solution: Please see the following vendor advisory for fixed versions.

http://www.cisco.com/warp/public/707/cisco...25-bundle.shtml ...

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0626

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0628

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0629

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0630

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0631

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0633

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0634

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco ASA and PIX multiple vulns - update available

- http://secunia.com/advisories/34607/2/

Release Date: 2009-04-09

Critical: Moderately critical

Impact: Security Bypass, DoS

Where: From remote

Solution Status: Vendor Patch

OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x ...

Solution: Update to the fixed versions (please see the vendor advisory for patch information)...

Original Advisory:

http://www.cisco.com/warp/public/707/cisco...90408-asa.shtml ...

 

:!:

Share this post


Link to post
Share on other sites

FYI...

 

CiscoWorks TFTP vuln - update available

- http://www.cisco.com/warp/public/707/cisco...090520-cw.shtml

2009 May 20 - "... CiscoWorks Common Services contains a TFTP directory traversal vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.

Note: Only CiscoWorks Common Services systems that run on Microsoft Windows operating systems are vulnerable. The Solaris version of CiscoWorks Common Services is not affected by this vulnerability...

This vulnerability has been corrected in the following CiscoWorks Common Services software patch: cwcs3.x-win-CSCsx07107-0.zip

The CiscoWorks Common Services patch can be downloaded from the following link:

http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one ..."

 

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1161

 

- http://www.us-cert.gov/current/index.html#..._advisory_for10

May 20, 2009

 

- http://isc.sans.org/diary.html?storyid=6424

Last Updated: 2009-05-20 18:38:01 UTC

 

- http://secunia.com/advisories/35179/2/

Release Date: 2009-05-21

Critical: Moderately critical

Impact: Exposure of system information, Exposure of sensitive information, System access

Where: From local network

Solution Status: Vendor Patch ...

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS - HTTP Server vuln

- http://www.cisco.com/warp/public/707/cisco...1201-http.shtml

Revision 1.2 - Last Updated 2009 June 19 - " A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability...

Vulnerable Products: This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled. A system which contains the IOS HTTP server or HTTP secure server, but does not have it enabled, is not affected.

To determine if the HTTP server is running on your device, issue the show ip http server status and show ip http server secure status commands at the prompt and look for output similar to:

Router>show ip http server status

HTTP server status: Enabled

If the device is not running the HTTP server, you should see output similar to:

Router>show ip http server status

HTTP server status: Disabled

Any version of Cisco IOS prior to the versions which will be listed in the Fixed Software section..."

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS vulns...

- http://www.cisco.com/warp/public/707/cisco...90729-bgp.shtml

Last Updated: 2009 July 30

- http://www.us-cert.gov/current/#cisco_rele..._advisory_for12

 

Cisco Wireless LAN Controllers - multiple vulns

- http://www.cisco.com/warp/public/707/cisco...90727-wlc.shtml

2009 July 27

- http://www.us-cert.gov/current/#cisco_rele..._advisory_for11

 

:ph34r: :ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco firewall vuln - update available

- http://secunia.com/advisories/36373/2/

Release Date: 2009-08-20

Critical: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch ...

Software: Cisco Firewall Services Module (FWSM) 2.x, Cisco Firewall Services Module (FWSM) 3.x, Cisco Firewall Services Module (FWSM) 4.x

Solution: Update to version 3.1(16), 3.2(13), or 4.0(6).

Users of version 2.x should migrate to either 3.x or 4.x.

Original Advisory: cisco-sa-20090819-fwsm:

http://www.cisco.com/warp/public/707/cisco...0819-fwsm.shtml

Other References: Cisco Applied Mitigation Bulletin:

http://www.cisco.com/en/US/products/produc...0080af151c.html

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

> http://atlas.arbor.net/briefs/index#-1060669303

 

Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerabilities

- http://www.cisco.com/warp/public/707/cisco...90818-bgp.shtml

Last Updated 2009 August 24

 

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability

- http://www.cisco.com/warp/public/707/cisco...0819-fwsm.shtml

2009 August 19

 

Cisco Lightweight Access Point Over-the-Air Provisioning Manipulation Vulnerability

- http://tools.cisco.com/security/center/vie...x?alertId=18919

August 25, 2009

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco: TCP State Manipulation DoS vulns - Multiple Cisco Products

- http://www.cisco.com/warp/public/707/cisco...908-tcp24.shtml

2009 September 8 - "Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely... In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system... Cisco has released free software updates that address these vulnerabilities..."

- http://www.cisco.com/public/sw-center/sw-usingswc.shtml

 

- http://secunia.com/advisories/36618/2/

Release Date: 2009-09-09

Critical: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch...

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS multiple vulns - updates available

- http://secunia.com/advisories/36835/2/

Release Date: 2009-09-24

Critical: Moderately critical

Impact: Security Bypass, Exposure of sensitive information, DoS, System access

Where: From remote

Solution Status: Vendor Patch

OS: Cisco IOS 12.x, Cisco IOS R12.x, Cisco IOS XE 2.1.x, Cisco IOS XE 2.2.x, Cisco IOS XE 2.3.x

Solution: Update to a fixed version (please see the vendor's advisories for details)...

Original Advisory:

http://www.cisco.com/warp/public/707/cisco...90923-cme.shtml

http://www.cisco.com/warp/public/707/cisco...923-ipsec.shtml

http://www.cisco.com/warp/public/707/cisco...3-tunnels.shtml

http://www.cisco.com/warp/public/707/cisco...90923-acl.shtml

http://www.cisco.com/warp/public/707/cisco...0923-h323.shtml

http://www.cisco.com/warp/public/707/cisco...90923-sip.shtml

http://www.cisco.com/warp/public/707/cisco...90923-tls.shtml

http://www.cisco.com/warp/public/707/cisco...uth-proxy.shtml

http://www.cisco.com/warp/public/707/cisco...23-ios-fw.shtml

http://www.cisco.com/warp/public/707/cisco...90923-ntp.shtml

___

 

Cisco UCM SIP Processing DoS - updates available

- http://secunia.com/advisories/36836/2/

Release Date: 2009-09-24

Critical: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Software: Cisco Unified Communications Manager 5.x, Cisco Unified Communications Manager 6.x, Cisco Unified Communications Manager 7.x

Original Advisory:

http://www.cisco.com/warp/public/707/cisco...090923-cm.shtml

___

 

Summary of Cisco IOS Software Bundled Advisories

- http://www.cisco.com/warp/public/707/cisco...23-bundle.shtml

September 23, 2009

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco WebEx WRF Player vulns

- http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml

2009 December 16 - "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server... Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution...

(CVE) identifiers:

* CVE-2009-2875

* CVE-2009-2876

* CVE-2009-2877

* CVE-2009-2878

* CVE-2009-2879

* CVE-2009-2880 ...

There are no workarounds for the vulnerabilities disclosed in this advisory... Cisco has released free software updates that address these vulnerabilities..."

 

- http://isc.sans.org/diary.html?storyid=7762

Last Updated: 2009-12-16 20:00:37 UTC

 

- http://secunia.com/advisories/37810/2/

Release Date: 2009-12-17

Critical: Highly critical

Impact: System access

Where: From remote

Solution Status: Vendor Patch ...

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS / DoS vuln - update available

- http://secunia.com/advisories/38227/2/

Release Date: 2010-01-21

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

OS: Cisco IOS XR 3.x ...

Solution: Update to fixed versions. Please see the vendor's advisory for details.

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco-sa-20100120-xr-ssh.shtml

 

- http://atlas.arbor.net/briefs/index#1942399210

 

Cisco InternetWork Performance Monitor GIOP Request Buffer Overflow

- http://secunia.com/advisories/38230/2/

Last Update: 2010-01-22

Critical: Moderately critical

Impact: DoS, System access

Where: From local network

Solution: Contact the vendor for instructions on migrating to non-vulnerable software

(please see the vendor advisory for details).

Restrict network access to an affected system.

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco-sa-20100120-ipm.shtml

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Unified MeetingPlace - multiple vulns

- http://secunia.com/advisories/38259/2/

Release Date: 2010-01-28

Critical: Moderately critical

Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, Privilege escalation

Where: From remote

Solution Status: Vendor Patch

Software: Cisco Unified MeetingPlace 5.x, Cisco Unified MeetingPlace 6.x, Cisco Unified MeetingPlace 7.x

Solution: Update to the latest version.

http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278785523

Original Advisory:

http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml

 

- http://securitytracker.com/alerts/2010/Jan/1023511.html

CVE Reference: CVE-2010-0139, CVE-2010-0140, CVE-2010-0141, CVE-2010-0142

Date: Jan 27 2010

 

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0139

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0140

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0141

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0142

 

- http://www.us-cert.gov/current/#cisco_releases_security_advisory_for16

January 28, 2010

 

Multiple Vulnerabilities in Cisco Unified MeetingPlace

- http://atlas.arbor.net/briefs/index#-478562949

Severity: Elevated Severity

Published: Friday, January 29, 2010 19:03

"Multiple issues have been found and fixed in Cisco Unified MeetingPlace versions 5, 6, and 7. These bugs could allow for SQL injection, privilege escalation, account enumeration, and unauthorized new account creation. Cisco has made updated software available to their customers to address these issues.

Analysis: Sites using Cisco Unified MeetingPlace should review this update and apply the updates soon."

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Secure Desktop vuln - update available

- http://secunia.com/advisories/38397/2/

Release Date: 2010-02-02

Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch

OS: Cisco Adaptive Security Appliance (ASA) 8.x

Software: Cisco Secure Desktop 3.x

Solution: Update to fixed versions:

Cisco Secure Desktop: Update to version 3.5.

Cisco ASA 5500 Series Adaptive Security Appliances:

Update to version 8.2(1), 8.1(2.7), or 8.0(5)

Original Advisory: Cisco:

http://tools.cisco.com/security/center/viewAlert.x?alertId=19843

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Releases Multiple Security Advisories

- http://www.us-cert.gov/current/#cisco_releases_multiple_security_advisories

February 17, 2010

> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml

Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service condition.

> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml

Security advisory, cisco-sa-20100217-asa, addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. These vulnerabilities may allow an attacker to gain unauthorized access to an affected system or cause a denial-of-service condition.

> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml

Security advisory, cisco-sa-20100217-csa, addresses multiple vulnerabilities in the Cisco Security Agent. These vulnerabilities may allow an attacker to execute arbitrary SQL commands, view and download arbitrary files, or cause a denial-of-service condition...

 

- http://atlas.arbor.net/briefs/index#1477198596

February 17, 2010

 

Cisco PIX 500

- http://secunia.com/advisories/38636

 

Cisco Firewall Services Module

- http://secunia.com/advisories/38621/

 

Cisco ASA 5500

- http://secunia.com/advisories/38618/

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco - multiple advisories...

- http://www.us-cert.gov/current/#cicso_releases_multiple_security_advisories

March 4, 2010

 

- http://secunia.com/advisories/38799/

Release Date: 2010-03-04

Criticality level: Moderately critical

Impact: Manipulation of data

Where: From remote

Solution Status: Vendor Patch

Operating System: Cisco Digital Media Player 5.x

Original Advisory:

http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml

 

- http://secunia.com/advisories/38754/

Release Date: 2010-03-04

Criticality level: Moderately critical

Impact: DoS

Solution Status: Vendor Patch

Software: Cisco Unified Communications Manager 4.x, Cisco Unified Communications Manager 6.x, Cisco Unified Communications Manager 7.x

Original Advisory:

http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml

 

- http://secunia.com/advisories/38824/

Software: Cisco Unified Communications Manager 5.1 reached the End of Software Maintenance on 2010-02-13...

Original Advisory:

http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco - 7 security updates

- http://isc.sans.org/diary.html?storyid=8488

Last Updated: 2010-03-24 22:52:39 UTC - "... information at their site:

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html ..."

24-March-2010 16:00 GMT

 

- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee1.shtml

2010 March 24 1600 UTC

 

- http://atlas.arbor.net/briefs/index#1182447196

March 24, 2010 - "... Cisco has released 7 security bulletins for its IOS, IOS XR, and CUCM product features, all of which are denial of service issues..."

 

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0584

Last revised: 03/26/2010

CVSS v2 Base Score: 7.8 (HIGH)

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Secure Desktop vuln - update available

- http://secunia.com/advisories/39459/

Release Date: 2010-04-15

Criticality level: Highly critical

Impact: System access

Solution Status: Vendor Patch

Software: Cisco Secure Desktop 3.x, Cisco Secure Desktop Installer ActiveX Control 1.x

CVE Reference: CVE-2010-0589

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco-sa-20100414-csd.shtml

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco PGW vulns - updates available

- http://www.cisco.com/warp/public/707/cisco-sa-20100512-pgw.shtml

2010 May 12 - "Multiple vulnerabilities exist in the Cisco PGW 2200 Softswitch series of products... Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities... All vulnerabilities listed in this Security Advisory are addressed in Cisco PGW 2200 Softswitch version 9.7(3)S11, version 9.8(1)S5, and subsequent, software releases..."

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

- http://atlas.arbor.net/briefs/index#-1480011314

May 12, 2010 - Elevated Severity - "Analysis: This is a big set of medium risk vulnerabilities. We encourage sites using the PGW 2200 to update soon to address them."

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Network Building Mediator - updates available

- http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml

May 26, 2010 - "These vulnerabilities affect the legacy Richards-Zeta Mediator 2500 product and Cisco Network Building Mediator NBM-2400 and NBM-4800 models. All Mediator Framework software releases prior to 3.1.1 are affected by all vulnerabilities listed in this security advisory... Fixed 3.1.1 and 3.0.9 Mediator Framework software can be downloaded from the Software Center... by visiting http://www.cisco.com/cisco/psn/web/download/index.html and navigating to Physical Security and Building Systems > Smart Connected Buildings > Cisco Network Building Mediator. To obtain fixed 1.5.1 and 2.2 Mediator Framework software and configTOOL version 3.1.0b1 contact Cisco TAC... There are no workarounds for these vulnerabilities..."

 

- http://securitytracker.com/alerts/2010/May/1024027.html

May 26 2010

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Application Extension Platform (AXP) 1.1 and 1.1.5

allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1572

Last revised: 06/17/2010

CVSS v2 Base Score: 9.0 (HIGH)

Type: Advisory; Patch Information

- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3290b.shtml

 

Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2)

unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1571

Last revised: 06/17/2010

CVSS v2 Base Score: 7.8 (HIGH)

Type: Advisory; Patch Information

- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml

2010 July 07 - "Summary: Cisco Industrial Ethernet 3000 (IE 3000) Series switches running Cisco IOS® Software releases 12.2(52)SE or 12.2(52)SE1, contain a vulnerability where well known SNMP community names are hard-coded for both read and write access. The hard-coded community names are "public" and "private." Cisco recommends that all administrators deploy the mitigation measures outlined in the Workarounds section or perform a Cisco IOS Software upgrade... Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available...

Impact: Successful exploitation of the vulnerability could result in an attacker obtaining full control of the device..."

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1574

CVSS v2 Base Score: 10.0 (HIGH)

- http://www.kb.cert.org/vuls/id/732671

Date Last Updated: 2010-07-12

 

- http://www.vsecurity.com/resources/advisory/20100702-1/

2010-07-02 "... Cisco CSS 11500 Series Content Services Switch... implement more stringent request validation and/or corrections when receiving requests which do not utilize HTTP-compliant newlines... Three primary approaches are possible..."

- http://www.securityfocus.com/archive/1/archive/1/512144/100/0/threaded

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1575

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1576

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2629

CVSS v2 Base Score: 7.5 (HIGH)

 

:!: :!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco CDS vuln - update available

- http://secunia.com/advisories/40701/

Release Date: 2010-07-22

Criticality level: Moderately critical

Impact: Exposure of system information, Exposure of sensitive information

Where: From remote

Software: Cisco Content Delivery System 2.x

CVE Reference: CVE-2010-1577

... The vulnerability is reported in versions 2.2.x, 2.3.x, 2.4.x, and 2.5.x.

Solution: Update to version 2.5.7 or later.

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml

Last Updated: 2010 July 29 Revision 1.1 - "Updated Details and Workaround sections..."

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

29-July-2010

 

- http://atlas.arbor.net/briefs/

July 23, 2010

 

:!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

Multiple Cisco Advisories

- http://isc.sans.edu/diary.html?storyid=9331

Last Updated: 2010-08-04 18:35:02 UTC

 

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances, impact is DoS.

Advisory ID: cisco-sa-20100804-asa

http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml

 

- http://securitytracker.com/alerts/2010/Aug/1024279.html

Aug 4 2010

 

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module, impact is DoS.

Advisory ID: cisco-sa-20100804-fwsm

http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml

 

- http://securitytracker.com/alerts/2010/Aug/1024280.html

Aug 4 2010

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

- http://tools.cisco.com/security/center/home.x

 

- http://tools.cisco.com/security/center/viewAllSearch.x

 

Cisco ACE vuln - update available

- http://www.cisco.com/warp/public/707/cisco-sa-20100811-ace.shtml

2010 August 11 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine contain the following DoS vulnerabilities:

• Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability

• HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS vulnerability

• Secure Socket Layer (SSL) DoS vulnerability

• SIP inspection DoS vulnerability

Cisco has released free software updates for affected customers. Workarounds that mitigate some of the vulnerabilities are available.

Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another..."

 

Cisco WCS SQL Injection - update available

- http://www.cisco.com/warp/public/707/cisco-sa-20100811-wcs.shtml

2010 August 11 - "Cisco Wireless Control System (WCS) contains a SQL injection vulnerability that could allow an authenticated attacker full access to the vulnerable device, including modification of system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability..."

 

Cisco IOS TCP vuln

- http://secunia.com/advisories/40958/

Release Date: 2010-08-13

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Operating System: Cisco IOS 15.0

CVE Reference: CVE-2010-2827

Original Advisory:

- http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml

 

- http://securitytracker.com/alerts/2010/Aug/1024322.html

- http://securitytracker.com/alerts/2010/Aug/1024321.html

- http://securitytracker.com/alerts/2010/Aug/1024335.html

 

:!: :!: :!:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

Cisco UCM updated

- http://secunia.com/advisories/41100/

Release Date: 2010-08-26

Criticality level: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Software: Cisco Unified Communications Manager 6.x, 7.x, 8.x

CVE Reference(s): CVE-2010-2837, CVE-2010-2838

Original Advisory: cisco-sa-20100825-cucm:

http://www.cisco.com/warp/public/707/cisco-sa-20100825-cucm.shtml

 

Cisco Unified Presence updated

- http://secunia.com/advisories/41070/

Release Date: 2010-08-26

Criticality level: Moderately critical

Impact: DoS

Where: From remote

Solution Status: Vendor Patch

Software: Cisco Unified Presence 6.x, Cisco Unified Presence 7.x

CVE Reference(s): CVE-2010-2839, CVE-2010-2840

... The vulnerabilities are reported in versions prior to 6.0( 7 ) and 7.0( 8 ).

Solution: Update to version 6.0( 7 ) or 7.0( 8 ).

Original Advisory: cisco-sa-20100825-cup:

http://www.cisco.com/warp/public/707/cisco-sa-20100825-cup.shtml

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

Cisco IOS XR Software BGP vuln

- http://secunia.com/advisories/41190/

Release Date: 2010-08-30

Criticality level: Moderately critical

Impact: DoS

Where: From remote

Operating System: Cisco IOS XR 3.x

CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3035

Original Advisory

- http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml

Revision 1.4 - Last Updated 2010 September 01 - "... Impact: Successful exploitation of these vulnerabilities may result in the continuous resetting of BGP peering sessions. This may lead to routing inconsistencies and a denial of service for those affected networks..."

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.0/routing/configuration/guide/rc3rpl.html#wp1118699

 

- http://securitytracker.com/alerts/2010/Aug/1024371.html

Aug 28 2010

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

Cisco Applied Mitigation Bulletins

- http://tools.cisco.com/security/center/searchAIR.x

Last updated: 08 Sep 2010

 

Cisco Wireless LAN Controllers - multiple vulns...

- http://cisco.com/warp/public/707/cisco-sa-20100908-wlc.shtml

2010 September 08 - "Summary:

The Cisco Wireless LAN Controller (WLC) product family is affected by these vulnerabilities:

• Two denial of service (DoS) vulnerabilities

• Three privilege escalation vulnerabilities

• Two access control list (ACL) bypass vulnerabilities

Note: These vulnerabilities are independent of one another. A device may be affected by one vulnerability and not affected by another.

Cisco has released free software updates that address these vulnerabilities.

There are no workarounds to mitigate these vulnerabilities..."

(See "Affected Products" and "Software Versions and Fixes"...)

 

- http://secunia.com/advisories/41357/

Release Date: 2010-09-09

Impact: Security Bypass, Privilege escalation, DoS

Where: From local network

... The vulnerabilities are reported in the following products:

* Cisco 2000 Series WLCs

* Cisco 2100 Series WLCs

* Cisco 4100 Series WLCs

* Cisco 4400 Series WLCs

* Cisco 5500 Series WLCs

* Cisco Wireless Services Modules (WiSMs)

* Cisco WLC Modules for Integrated Services Routers (ISRs)

* Cisco Catalyst 3750G Integrated WLCs

Solution: Update to a fixed version (Please see vendor's advisory for details).

Original Advisory: cisco-sa-20100908-wlc:

http://www.cisco.com/warp/public/707/cisco-sa-20100908-wlc.shtml

 

- http://securitytracker.com/alerts/2010/Sep/1024408.html

Sep 8 2010

 

:ph34r:

Edited by apluswebmaster

Share this post


Link to post
Share on other sites

FYI...

 

CiscoWorks vuln - updates available

- http://www.cisco.com/warp/public/707/cisco-sa-20101027-cs.shtml

2010 October 27 - "CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability..."

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

- http://secunia.com/advisories/42011/

Release Date: 2010-10-28

Criticality level: Moderately critical

Impact: System access

Where: From local network

CVE Reference: CVE-2010-3036

Solution: Upgrade to Common Services version 4.0 or apply patches.

Original Advisory: Cisco:

http://www.cisco.com/warp/public/707/cisco-sa-20101027-cs.shtml

 

- http://www.securitytracker.com/id?1024646

Oct 27 2010

 

:ph34r:

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

CiscoWorks Common Services vuln - updates available

- http://www.cisco.com/warp/public/707/cisco-sa-20101027-cs.shtml

Revision 1.2 - Updated: Nov 05, 2010 - "CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. Mitigations that limit the attack surface of this vulnerability are available... The vulnerability could be exploited over TCP port 443 or 1741.

Note: The default HTTP and HTTPS ports can be reconfigured on the server.

The vulnerability affects both CiscoWorks Common Services for Oracle Solaris and Microsoft Windows..."

 

Cisco UCM vuln - update available

- http://secunia.com/advisories/42129/

Release Date: 2010-11-08

Impact: Privilege escalation

Solution Status: Vendor Patch

Original Advisory: Cisco:

- http://tools.cisco.com/security/center/viewAlert.x?alertId=21656

 

- http://www.securitytracker.com/id?1024694

Nov 8 2010

- http://www.securitytracker.com/id?1024693

Nov 8 2010

 

:ph34r: :ph34r:

Edited by AplusWebMaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco UVC VxWorks - multiple vulns

- http://www.securitytracker.com/id?1024753

Nov 17 2010 - "... Solution: No solution was available at the time of this entry. The vendor has described some mitigation steps in their advisory.

The vendor's advisory is available at:

http://www.cisco.com/warp/public/707/cisco-sr-20101117-cuvc.shtml#add

2010 November 17 - "... Administrators can mitigate these vulnerabilities by limiting access to Cisco UVC web server to trusted hosts by disabling FTP, SSH, and Telnet services and by setting the "Security mode" field in the "Security" section of the Cisco UVC web GUI to "Maximum"..."

 

- http://www.cisco.com/en/US/docs/video/cuvc/7_0/configuration_guide/setup.html#wp1690479

 

- http://secunia.com/advisories/42248/

Release Date: 2010-11-18

Impact: Hijacking, Exposure of sensitive information, Privilege escalation, System access

Where: From local network

Solution Status: Unpatched ...

CVE Reference(s):

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3037

Last revised: 11/23/2010

CVSS v2 Base Score: 8.5 (HIGH)

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3038

Last revised: 11/23/2010

CVSS v2 Base Score: 10.0 (HIGH)

 

:ph34r: :ph34r:

Edited by AplusWebMaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco IOS multiple flaws...

- http://www.securitytracker.com/id?1024964

Jan 17 2011

CVE Reference: CVE-2009-5038, CVE-2009-5039, CVE-2009-5040, CVE-2010-4671, CVE-2010-4683, CVE-2010-4684, CVE-2010-4685, CVE-2010-4686, CVE-2010-4687

Solution: The vendor has issued a fix (15.0(1)XA5)...

- http://secunia.com/advisories/42917/

-- http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf

 

Cisco ASA multiple flaws...

- http://www.securitytracker.com/id?1024963

Jan 17 2011

CVE Reference: CVE-2009-5037, CVE-2010-4670, CVE-2010-4672, CVE-2010-4673, CVE-2010-4674, CVE-2010-4675, CVE-2010-4676, CVE-2010-4677, CVE-2010-4678, CVE-2010-4679, CVE-2010-4680, CVE-2010-4681, CVE-2010-4682, CVE-2010-4688, CVE-2010-4689, CVE-2010-4690, CVE-2010-4691

Solution: The vendor has issued a fix (8.3(2))...

- http://secunia.com/advisories/42931/

-- http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html

-- http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

- http://secunia.com/advisories/42942/

-- http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

___

 

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0935

Last revised:04/14/2011

"... PKI functionality in Cisco IOS 15.0 and 15.1... different vulnerability than CVE-2010-4685*..."

CVSS v2 Base Score: 10.0 (HIGH)

CVSS score derived from:

http://www.cisco.com/en/US/docs/ios/15_1s/release/notes/15_1s_caveats_15_1_2s.html

 

* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4685

 

:!: :ph34r:

Edited by AplusWebMaster

Share this post


Link to post
Share on other sites

FYI...

 

Cisco Content Services Gateway - updates available

- http://secunia.com/advisories/43052/

Release Date: 2011-01-26

Criticality level: Moderately critical

Impact: Security Bypass, DoS

Where: From remote

CVE Reference(s): CVE-2011-0348, CVE-2011-0349, CVE-2011-0350

Solution/Original Advisory: cisco-sa-20110126-csg2:

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6791d.shtml

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

- http://www.securitytracker.com/id/1024992

Jan 26 2011

 

:ph34r:

Edited by AplusWebMaster

Share this post


Link to post
Share on other sites

FYI...

 

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

 

Cisco / Tandberg E, EX and C Series Endpoints vuln...

- http://www.cisco.com/en/US/customer/products/ps11422/products_security_advisory09186a0080b69541.shtml

2011 February 2 - "... Tandberg devices are part of the Cisco TelePresence Systems that provide Cisco TelePresence endpoints for immersive environments, conference rooms, individual desktops and home offices. The C Series Endpoints are typically deployed as Multipurpose Room Systems and the E/EX Personal Video units are desktop devices. These devices contain a root user that is enabled for advanced debugging that is unnecessary during normal operations. The root account is not the same as the admin and user accounts. The root user is enabled by default in software versions prior to TC 4.0.0. The default configuration prior to TC 4.0.0 does not set a password for the root user. When a device is upgraded to TC 4.0.0, the root user is disabled. System software for Tandberg C Series Endpoints and E/EX Personal Video units is available for download at:

http://www.tandberg.com/support/video-conferencing-software-download.jsp?t=2

For instructions on how to set a root password or disable the root user on other software versions, see the workaround section of this advisory. This vulnerability has been assigned the CVE ID CVE-2011-0354..."

- http://secunia.com/advisories/43158/

Release Date: 2011-02-03

Criticality level: Moderately critical

Impact: System access

Where: From local network

... The security issue is reported in versions prior to TC 4.0.0...

 

- http://www.securitytracker.com/id/1025017

Feb 2 2011

___

 

Cisco WebEx player vulns...

- http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml

2011 February 1 - "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user... Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur... These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers: CVE-2010-3269, CVE-2010-3041, CVE-2010-3042, CVE-2010-3043, CVE-2010-3044

...If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server. If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from http://www.webex.com/downloadplayer.html ..."

- http://secunia.com/advisories/43122/

Last Update: 2011-02-03

Criticality level: Highly critical

Impact: System access

Where: From remote

Solution: Update to build T27LC SP22 and T27LB SP21 EP3...

 

- http://www.securitytracker.com/id/1025015

- http://www.securitytracker.com/id/1025016

Feb 1 2011

 

:!: :!:

Edited by AplusWebMaster

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now