332 replies to this topic

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Multiple Cisco Products - OpenSSL Heartbeat Extension Vulnerability
- http://tools.cisco.c...0409-heartbleed
Last Updated: 2014 April 18 - "Summary: Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server. The vulnerability is due to a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension. An attacker could exploit this vulnerability by implementing a malicious TLS or Datagram Transport Layer Security (DTLS) client, if trying to exploit the vulnerability on an affected server, or a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. An exploit could send a specially crafted TLS or DTLS heartbeat packet to the connected client or server. An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords. Please note that the devices that are affected by this vulnerability are the devices acting as an SSL server terminating SSL connections or devices acting as an SSL Client initiating an SSL connection. Devices that are simply traversed by SSL traffic without terminating it are not affected. This advisory will be updated as additional information becomes available. Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities may be available..."
Revision 1.10 - 2014-April-18 - Updated the Affected Products, Vulnerable Products, Products Confirmed Not Vulnerable, and Software Versions and Fixes sections.
 

Edited by AplusWebMaster, 21 April 2014 - 12:01 PM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco TelePresence TC and TE Software - multiple vulns
- http://tools.cisco.c...a-20140430-tcte
2014 April 30 - "Summary: Cisco TelePresence TC and TE Software are affected by the following vulnerabilities:
• Six Session Initiation Protocol (SIP) denial of service vulnerabilities
• Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability
• Cisco TelePresence TC and TE Software Input Validation Vulnerability
• Cisco TelePresence TC and TE Software tshell Command Injection Vulnerability
• Cisco TelePresence TC and TE Software Heap Overflow Vulnerability
• Cisco TelePresence TC and TE Software U-Boot Buffer Overflow Vulnerability
• Cisco TelePresence TC and TE Software Unauthenticated Serial Port Access Vulnerability
• Cisco TelePresence TC H.225 Denial of Service Vulnerability
Successful exploitation of these vulnerabilities could allow an attacker to cause the affected system to reload, execute arbitrary commands or obtain privileged access to the affected system... Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities..."
- http://www.securityt....com/id/1030181
CVE Reference: CVE-2014-2162, CVE-2014-2163, CVE-2014-2164, CVE-2014-2165, CVE-2014-2166, CVE-2014-2167, CVE-2014-2168, CVE-2014-2169, CVE-2014-2170, CVE-2014-2171, CVE-2014-2172, CVE-2014-2173, CVE-2014-2175
Apr 30 2014
Impact: Denial of service via network, Execution of arbitrary code via network, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): TC and TE 4.x, TC 5.x, TC 6.x, TE 6.0, TC 7.x ...
Solution: The vendor has issued a fix (TC 6.3.1, TC 7.1.1).

Cisco TelePresence System MXP Series - multiple vulns
- http://tools.cisco.c...sa-20140430-mxp
2014 April 30 - "Summary: Cisco TelePresence System MXP Series Software contains the following vulnerabilities:
• Three SIP denial of service vulnerabilities
• Three H.225 denial of service vulnerabilities
Successful exploitation of these vulnerabilities may allow an attacker to cause system instability and the affected system to reload... Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities...
- http://www.securityt....com/id/1030183
CVE Reference: CVE-2014-2156, CVE-2014-2157, CVE-2014-2158, CVE-2014-2159, CVE-2014-2160, CVE-2014-2161
Apr 30 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): MXP Series prior to F9.3.1 ...
Solution: The vendor has issued a fix (MXP Series Software version F9.3.1)...

OpenSSL Heartbeat Extension vuln - Multiple Cisco Products
- http://tools.cisco.c...0409-heartbleed
Revision 1.17 Last Updated 2014 April 30 - "Updated the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections..."
 

[AplusWebMaster]

FYI...

Cisco - OpenSSL Heartbeat Extension vuln
- http://tools.cisco.c...tbleed#affected
Rev 1.19 - 2014 May 6 - "Summary: Multiple Cisco products incorporate a version of the OpenSSL package... The list of affected products will be updated as the investigation continues..."
Rev 1.21 - 2014-May-15 - Updated the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections. Upon further investigation the Cisco Edge 300 Digital Media Player was moved to the Products Confirmed Not Vulnerable section.

- http://www.cisco.com...Heartbleed.html

- http://tools.cisco.c...x?alertId=33695
 

Edited by AplusWebMaster, 19 May 2014 - 10:44 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco WebEx Recording Format and Advanced Recording Format Players - multiple vulns
- http://tools.cisco.c...-20140507-webex
2014 May 7 - "Summary: Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. Exploitation of these vulnerabilities could allow a remote attacker to cause an affected player to crash and, in some cases, could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. Cisco has updated affected versions of the Cisco WebEx Business Suite meeting sites, Cisco WebEx 11 meeting sites, Cisco WebEx Meetings Server, and Cisco WebEx WRF and ARF Players to address these vulnerabilities..."
- http://www.securityt....com/id/1030206
CVE Reference: CVE-2014-2132, CVE-2014-2133, CVE-2014-2134, CVE-2014-2135, CVE-2014-2136
May 7 2014
Impact: Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution: The vendor has issued a fix:
Cisco WebEx Business Suite (WBS29) client builds T29.2
Cisco WebEx Business Suite (WBS28) client builds T28.12
Cisco WebEx Business Suite (WBS27) client builds T27TLSP32EP16 (27.32.16)
Cisco WebEx 11 version 1.2.10 with client builds T28.12
Cisco WebEx Meetings Server client builds 2.0.0.1677 ...
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco NX-OS-Based Products - Multiple Vulnerabilities
- http://tools.cisco.c...a-20140521-nxos
2014 May 21 - "Summary: Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities:
- Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability
- Cisco NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability
- Cisco NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability
- Cisco NX-OS Message Transfer Service Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities..."
- http://www.securityt....com/id/1030268
CVE Reference: CVE-2013-1191, CVE-2014-2200, CVE-2014-2201, CVE-2014-3261
May 21 2014
Solution: The vendor has issued a fix.
A patch matrix is available in the vendor's advisory...
___

Cisco Wide Area Application Services Remote Code Execution Vulnerability
- http://tools.cisco.c...a-20140521-waas
2014 May 21 - "Summary: A vulnerability in Cisco Wide Area Application Services (WAAS) software versions 5.1.1 through 5.1.1d, when configured with the SharePoint acceleration feature, could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to incorrect buffer handling for SharePoint responses. An attacker could exploit this vulnerability by convincing a user to access a malicious SharePoint application. An exploit could allow the attacker to crash the application optimization handler and execute arbitrary code with elevated privileges on the WAAS appliance. Cisco has released free software updates that address this vulnerability..."
- http://www.securityt....com/id/1030265
CVE Reference: CVE-2014-2196
May 21 2014
Solution: The vendor has issued a fix (5.1.1e).
___

Cisco AsyncOS Software Administration Role Authorization Vulnerability
- http://tools.cisco.c...e/CVE-2014-2195
2014 May 21 - "Summary: A vulnerability exists in the group processing functions of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) devices that are configured to use Microsoft Active Directory services as the authentication database. This configuration could allow an unauthenticated, remote attacker to bypass security restrictions and be assigned a role that the attacker was not explicitly assigned. The vulnerability is due to incorrect processing of group names retrieved from a Microsoft Active Directory server. An attacker could exploit this vulnerability if the attacker belongs to a group with a name that contains a similar set of characters as the name of an authorized group. An exploit could allow the attacker to access the device or obtain access to a role for which the attacker was not specifically authorized on the device... Customers who wish to upgrade to a software version that includes fixes for these issues should contact their normal support channels. Free software updates will not be provided for issues that are disclosed through a Cisco Security Notice..."
- http://www.securityt....com/id/1030258
CVE Reference: https://web.nvd.nist...d=CVE-2014-2195
May 20 2014
___

Cisco IOS Software IPv6 DoS vuln
- http://tools.cisco.c...a-20110928-ipv6
2011 Sep 28 / Last Updated: 2014 May 20 - "Summary: Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 operation enabled. The vulnerability is triggered when an affected device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability...
Note: The September 28, 2011, Cisco IOS Software Security Advisory bundled publication includes ten Cisco Security Advisories. Nine of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the September 2011 Bundled Publication. Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link:
- http://www.cisco.com..._ERP_sep11.html
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco IOS XR Software IPv6 Malformed Packet DoS vuln
- http://tools.cisco.c...a-20140611-ipv6
2014 June 11 - "Summary: A vulnerability in the parsing of malformed Internet Protocol version 6 (IPv6) packets in Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a lockup and eventual reload of a Network Processor (NP) chip and a line card processing traffic. Only Trident-based line cards on Cisco ASR 9000 Series Aggregation Services Routers are affected by this vulnerability. The vulnerability is due to insufficient logic in parsing malformed IPv6 packets. An attacker could exploit this vulnerability by sending a stream of malformed IPv6 packets to the affected device. An exploit could allow the attacker to cause a lockup and eventual reload of an NP chip and a line card, leading to a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. There are no workarounds that address this vulnerability..."
- http://www.securityt....com/id/1030400
CVE Reference: CVE-2014-2176
Jun 11 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution:   The vendor has issued a fix:
For 4.2.1: asr9k-p-4.2.1.CSCun71928 and asr9k-px-4.2.1.CSCun71928
For 4.2.3: asr9k-px-4.2.3.CSCun71928 and asr9k-p-4.2.3.CSCun71928
For 4.3.1: asr9k-px-4.3.1.CSCun71928
For 4.3.2: asr9k-px-4.3.2.CSCun71928
For 4.3.4: asr9k-px-4.3.4.CSCuo22306
For 5.1.1: asr9k-px-5.1.1.CSCuo22306 ..."

Cisco Products - OpenSSL vuln multiple products
- http://tools.cisco.c...0140605-openssl
Last Updated  2014 June 11 20:45  UTC (GMT) Rev 1.4 - "Updated the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections..."
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco products - OpenSSL multiple vulns
- http://tools.cisco.c...0140605-openssl
Last Updated: 2014 June 16 - Rev 1.7 - "... As the investigation progresses, this document will be updated to include the Cisco bug IDs for each affected product.... additional platform-specific information, including workarounds (if available) and fixed software versions... Cisco products currently under investigation... (listed. Also:) Products Confirmed Not Vulnerable..."
Revision 1.7 - 2014-June-16 - Updated the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections. Linked bug IDs of currently known affected products.

Cisco IOS XR Software IPv6 Malformed Packet DoS vuln
- http://tools.cisco.c...a-20140611-ipv6
Revision 1.1 - 2014-June-13 -Added information about 4.1.2-based SMU to the "Software Versions and Fixes" section.
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco products - OpenSSL multiple vulns ...
- http://tools.cisco.c...0140605-openssl
Rev 1.8 - 2014-June-18     
Rev 1.9 - 2014-June-19
Rev 1.10 - 2014-June-20

Rev 1.11 - 2014-June-23

Rev 1.13 - 2014-June-27
Rev 1.16 - Last Updated  2014 July 9 - "Updated the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections. Linked bug IDs of currently known affected products..."

Edited by AplusWebMaster, 11 July 2014 - 04:41 AM.

[AplusWebMaster]

FYI...

Cisco Unified Communications Domain Manager - multiple vulns
- http://tools.cisco.c...-20140702-cucdm
2014 July 2 - "Summary: Cisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by the following vulnerabilities:
> Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability
> Cisco Unified Communications Domain Manager Default SSH Key Vulnerability
> Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability
Successful exploitation of the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability or of the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability may allow an attacker to execute arbitrary commands or obtain privileged access to the affected system. Successful exploitation of the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may allow an attacker to access and modify BVSMWeb portal user information such settings in the personal phone directory, speed dials, Single Number Reach, and call forward settings. Cisco has released free software updates that address the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability and the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability.
Cisco will provide a free software update for the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability as soon as the fix is available. Workarounds that mitigate these vulnerabilities are not available. Customers that are concerned about the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may apply the mitigation detailed in the "Workarounds" section of this advisory..."
Rev 2.0 - 2014-July-08 - Added information regarding fixed versions of the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability

- http://www.securityt....com/id/1030515
CVE Reference: CVE-2014-2197, CVE-2014-2198, CVE-2014-3300
Jul 2 2014
 

Edited by AplusWebMaster, 11 July 2014 - 04:31 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Multiple Cisco Products - Apache Struts 2 Command Execution vuln
- http://tools.cisco.c...0140709-struts2
2014 July 9 - "Summary: Multiple Cisco products include an implementation of the Apache Struts 2 component that is affected by a remote command execution vulnerability identified by Apache with Common Vulnerabilities and Exposures ID CVE-2010-1870 *. The vulnerability is due to insufficient sanitization on user-supplied input in the XWorks component of the affected software. The component uses the ParameterInterceptors directive to parse the Object-Graph Navigation Language (OGNL) expressions that are implemented via a whitelist feature. An attacker could exploit this vulnerability by sending crafted requests that contain OGNL expressions to an affected system. An exploit could allow the attacker to execute arbitrary code on the targeted system. Cisco has released free software updates that address this vulnerability for all the affected products except Cisco Business Edition 3000 Series. Customers using Cisco Business Edition 3000 Series should contact their Cisco representative for available options. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available..."
* https://web.nvd.nist...d=CVE-2010-1870
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco Wireless Residential Gateway - Remote Code Execution vuln
- http://tools.cisco.c...osa-20140716-cm
2014 July 16 - "Summary: A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to incorrect input validation for HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available..."

Rev 1.1 - 2014-July-18 - Added fixed version information in the Vulnerable Products section.
- https://www.us-cert....y-Vulnerability

- https://web.nvd.nist...d=CVE-2014-3306 - 10.0 (HIGH)
 

Edited by AplusWebMaster, 24 July 2014 - 04:18 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco IOS, IOS XE Software EnergyWise DoS vuln
- http://tools.cisco.c...0806-energywise
2014 Aug 6 - "Summary: A vulnerability in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper parsing of crafted EnergyWise packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted EnergyWise packet to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability..."

Rev 1.1 - 2014-Aug-15 - Added 3.6E to the list of vulnerable releases.
Rev 1.2 - 2014-Aug-20 - Added 3.3xXO to the list of vulnerable IOS XE releases. Marked 15.0EX, 15.0EZ, 15.2S, and 15.4S not vulnerable and removed from affected IOS releases.
- http://www.securityt....com/id/1030682
CVE Reference: CVE-2014-3327
Aug 6 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  ...
Solution: The vendor has issued a fix...

OpenSSL affecting Cisco Products - multiple vulns
- http://tools.cisco.c...0140605-openssl
Rev 1.21  2014 Aug 6 - "Updated the Affected Products and Vulnerable Products sections. Linked bug IDs of currently known affected products..."

Cisco - OSPF LSA Manipulation vuln ...
- http://tools.cisco.c...0130801-lsaospf
For Public Release 2013 Aug 1 Rev 1.3 - "Summary: Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic. The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available..."
Rev 1.3 - 2014-July-31   - Included NX-OS Software tables
Rev 1.2 - 2013-August-17 - Included OVAL definitions
Rev 1.1 - 2013-August-05 - Fixed broken links
Rev 1.0 - 2013-August-01 - Initial public release
 

Edited by AplusWebMaster, 21 August 2014 - 03:05 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco E-Series Blade Servers - Integrated Management Controller SSH DoS vuln
- http://tools.cisco.c...a-20140908-ucse
2014 Sept 8 - "Summary: A vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to a failure to properly handle a crafted SSH packet. An attacker could exploit this vulnerability by sending a crafted packet to the SSH server running on the Cisco IMC of an affected device, which could result in the Cisco IMC becoming unresponsive. The operating system running on the blade will be unaffected. Cisco has released free software updates that address this vulnerability..."
- http://www.securityt....com/id/1030813
CVE Reference: CVE-2014-3348
Sep 8 2014
Impact: Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): E-Series Blade Servers; Cisco IMC versions prior to 2.3.1 ...
Solution: The vendor has issued a fix (2.3.1).
 

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco IOS Software NAT DoS vuln
- http://tools.cisco.c...sa-20140924-nat
2014 Sep 24 - "Summary: A vulnerability in the Network Address Translation (NAT) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper translation of IP version 4 (IPv4) packets. Cisco has released free software updates that address this vulnerability..."
- http://www.securityt....com/id/1030896
CVE Reference: CVE-2014-3361
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...

Cisco IOS Software SIP DoS vuln
- http://tools.cisco.c...sa-20140924-sip
2014 Sep 24 - "Summary: A vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device. To exploit this vulnerability, affected devices must be configured to process SIP messages. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to this vulnerability..."
- http://www.securityt....com/id/1030897
CVE Reference: CVE-2014-3360
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...

Cisco IOS Software mDNS - multiple vulns
- http://tools.cisco.c...a-20140924-mdns
2014 Sep 24 - "Summary: The Cisco IOS Software implementation of the multicast Domain Name System (mDNS) feature contains the following vulnerabilities when processing mDNS packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:
- Cisco IOS Software mDNS Gateway Memory Leak Vulnerability
- Cisco IOS Software mDNS Gateway Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities..."
- http://www.securityt....com/id/1030898
CVE Reference: CVE-2014-3357, CVE-2014-3358
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...

Cisco IOS Software Metadata vulns
- http://tools.cisco.c...140924-metadata
2014 Sep 24 - "Summary: Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device. The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available..."
- http://www.securityt....com/id/1030894
CVE Reference: CVE-2014-3355, CVE-2014-3356
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...

Cisco IOS Software RSVP vuln
- http://tools.cisco.c...a-20140924-rsvp
2014 Sep 24 - "Summary: A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available..."
- http://www.securityt....com/id/1030893
CVE Reference: CVE-2014-3354
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...

Cisco IOS Software DHCPv6 DoS vuln
- http://tools.cisco.c...20140924-dhcpv6
2014 Sep 24 - "Summary: A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper parsing of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of an affected device. Cisco has released free software updates that address this vulnerability..."
- http://www.securityt....com/id/1030895
CVE Reference: CVE-2014-3359
Sep 24 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes...
 

Edited by AplusWebMaster, 26 September 2014 - 04:12 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

GNU Bash Environmental Variable Command Injection Vuln
Advisory ID: cisco-sa-20140926-bash
- http://tools.cisco.c...a-20140926-bash
2014 Sep 26 - "Summary: On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is invoked. The Bash shell may be invoked by a number of processes including, but not limited to, telnet, SSH, DHCP, and scripts hosted on web servers.
All versions of GNU Bash starting with version 1.14 are affected by this vulnerability and the specific impact is determined by the characteristics of the process using the Bash shell. In the worst case, an unauthenticated remote attacker would be able to execute commands on an affected server. However, in most cases involving Cisco products, exploitation of the vulnerability results in an authenticated attacker having the ability to execute commands for which they are not authorized. A number of Cisco products ship with or leverage an affected version of the Bash shell. This advisory will be updated as additional information becomes available. Cisco may release free software updates that address this vulnerability if a product is determined to be affected by this vulnerability...
(See "Affected Products" list at the URL above.)
Rev 1.12- 2014-Oct-15 - Updated details on where to find fix information, details on testing tools, and the Affected Products, Vulnerable Products, and Products Confirmed Not Vulnerable sections.

 

Cisco IronPort - GNU bash...
- http://www.securityt....com/id/1030961
CVE Reference: CVE-2014-6271, CVE-2014-7169
Oct 2 2014
 

Cisco WebEx Meetings Server ...
- http://www.securityt....com/id/1030940
CVE Reference: https://web.nvd.nist...d=CVE-2014-3395
Oct 1 2014
- http://tools.cisco.c...e/CVE-2014-3395
Last Updated: 2014 Sep 30

- https://web.nvd.nist...d=CVE-2014-3400
Last revised: 10/06/2014
- http://tools.cisco.c...e/CVE-2014-3400
Last Updated: 2014 Oct 3

Advisory (ICSA-14-269-01)
Bash Command Injection Vulnerability
- https://ics-cert.us-.../ICSA-14-269-01
Last revised: Oct 03, 2014

Also see: https://www.us-cert....n-Vulnerability
Last revised: Sep 30, 2014

- https://www.us-cert....lerts/TA14-268A
Last revised: Sep 30, 2014

- http://www.kb.cert.org/vuls/id/252743
Last revised: 10 Oct 2014

Bash vuln -aka- Shellshock ...
- http://blog.trendmic...-cve-2014-6271/
Sep 25, 2014
> http://about-threats...bility-bash-bug

FREE protection for Shellshock
- http://www.trendmicr...loit/index.html

- http://www.securityt....com/id/1030890
CVE Reference:

- https://web.nvd.nist...d=CVE-2014-6271 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-6277 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-6278 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-7169 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-7186 - 10.0 (HIGH)
- https://web.nvd.nist...d=CVE-2014-7187 - 10.0 (HIGH)
Updated: Oct 6 2014 - "... archive entry has one or more follow-up message(s) listed..."
Original Entry Date: Sep 24 2014
Impact: Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
Vendor Confirmed: Yes Exploit Included: Yes  
Version(s): 4.3 ...

... vulnerability is being actively exploited...
Vendor URL: https://www.gnu.org/software/bash/
___

Semiannual Cisco IOS Software Security Advisory Bundled Publication
- http://www.cisco.com..._ERP_sep14.html
Sep 24, 2014 - "... Use the Cisco IOS Software Checker* to quickly determine whether a given Cisco IOS Software release is exposed to Cisco product vulnerabilities..."
* http://tools.cisco.c...ectIOSVersion.x
 

Edited by AplusWebMaster, 16 October 2014 - 03:50 AM.