332 replies to this topic

[AplusWebMaster]

FYI...

Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product
- http://www.us-cert.g...y_advisory_for5
January 15, 2009 - "Cisco has released a Security Advisory* to address multiple vulnerabilities in the IronPort Encryption Appliance and the IronPort PXE Encryption product. These vulnerabilities may allow an unauthorized attacker to view the contents of secure email messages or gain access to the IronPort Encryption Appliance administration interface..."
* http://www.cisco.com...t.shtml#details

- http://web.nvd.nist....d=CVE-2009-0053
- http://web.nvd.nist....d=CVE-2009-0054
- http://web.nvd.nist....d=CVE-2009-0055
- http://web.nvd.nist....d=CVE-2009-0056

Edited by AplusWebMaster, 20 January 2009 - 10:48 AM.

[AplusWebMaster]

FYI...

Cisco Security Manager vuln - update available
- http://www.cisco.com...90121-csm.shtml
2009 January 21

- http://www.us-cert.g...y_advisory_for6

Cisco Unified Communications Manager CAPF vuln - update available
- http://www.cisco.com...-cucmcapf.shtml
2009 January 21

[AplusWebMaster]

FYI...

Cisco wireless LANs multiple vulns - updates available
- http://www.cisco.com...90204-wlc.shtml
2009 February 04 - "Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers (WLCs), Cisco Catalyst 6500 Wireless Services Modules (WiSMs), and Cisco Catalyst 3750 Integrated Wireless LAN Controllers. This security advisory outlines details of the following vulnerabilities:
* Denial of Service Vulnerabilities (total of three)
* Privilege Escalation Vulnerability
These vulnerabilities are independent of each other. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities..."
- Downloads at http://www.cisco.com...-usingswc.shtml

- http://secunia.com/advisories/33749/
...CVE reference:
http://web.nvd.nist....d=CVE-2009-0058
http://web.nvd.nist....d=CVE-2009-0059
http://web.nvd.nist....d=CVE-2009-0061
http://web.nvd.nist....d=CVE-2009-0062

Edited by AplusWebMaster, 05 February 2009 - 07:58 AM.

[AplusWebMaster]

FYI...

Cisco Security Advisory - multiple vulns...
- http://www.cisco.com...90225-ace.shtml
2009 February 25 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco ACE Module and Cisco ACE 4710 Application Control Engine contain multiple vulnerabilities that, if exploited, can result in any of the following impacts:
• Administrative level access via default user names and passwords
• Privilege escalation
• A denial of service (DoS) condition
Cisco has released free software updates available for affected customers. Workarounds that mitigate some of the vulnerabilities are available..."
http://web.nvd.nist....d=CVE-2009-0620
http://web.nvd.nist....d=CVE-2009-0621
http://web.nvd.nist....d=CVE-2009-0622
http://web.nvd.nist....d=CVE-2009-0623
http://web.nvd.nist....d=CVE-2009-0624
http://web.nvd.nist....d=CVE-2009-0625

- http://www.cisco.com...-mtgplace.shtml
2009 February 25
http://web.nvd.nist....d=CVE-2009-0614

- http://www.cisco.com...90225-anm.shtml
2009 February 25
http://web.nvd.nist....d=CVE-2009-0615
http://web.nvd.nist....d=CVE-2009-0616
http://web.nvd.nist....d=CVE-2009-0617
http://web.nvd.nist....d=CVE-2009-0618

Edited by AplusWebMaster, 02 March 2009 - 07:48 AM.

[AplusWebMaster]

FYI...

Cisco 7600 Router DoS vuln - update available
- http://secunia.com/advisories/34113/2/
Release Date: 2009-03-05
Critical: Less critical
Impact: DoS
Where: From local network
Solution Status: Vendor Patch
Solution: Update to Cisco SBC software release 3.0(2).
http://www.cisco.com...sbc-7600-crypto ...
Original Advisory:
http://www.cisco.com...90304-sbc.shtml ...

- http://atlas.arbor.n...dex#-1301369183
March 05, 2009 - ...Analysis: This is a minor issue that could escalate, if sustained traffic were seen, to a major outage for a region. Sites using the SBC module in a 7600 should review this update and apply it as needed...

[AplusWebMaster]

FYI...

- http://isc.sans.org/...ml?storyid=5980
Last Updated: 2009-03-09 22:07:42 UTC ...(Version: 4) - "If you have a Cisco IP phone, your DST rollfoward may not have worked, so you might want to rely on a different clock until the issues gets fixed... Update 2: Soon after I published this, Cisco published a patch to fix the issue..."

ciscocm.dst_march_2009.html
- http://www.cisco.com...march_2009.html
****IMPORTANT*****
This patch is a temporary workaround for the March 2009 DST issue.
You must upgrade before November 1, 2009 to a Unified Communications Manager version containing the fix for CSCsy25150 (CUCM is not sending Daylight Saving Time updates):
* http://tools.cisco.c...ugId=CSCsy25150
Installation Instructions for Unified Communications Manager Daylight Savings Time (DST) patch file:
File Name: ciscocm.dst_march_2009.cop.sgn
MD5 Sum: d4:f5:e2:56:29:82:f9:fd:af:44:46:be:2a:e0:8d:f1
1. Ensure that Database Replication is working correctly before installing this file, you can check this from RTMT or Cisco Unified Reporting.
2. Install this file only on the Publisher from the "Install/Upgrade" option under "Cisco Unified Communications Operating System Administration."
3. Wait for 60 seconds.
4. Ensure that Database Replication is working correctly after the installation is complete.
5. Restart Cisco CallManager service on all the nodes in the cluster that are running this service.
***NOTE: If you apply a device pack or other update after applying this patch and before March 15, this patch will need to be re-installed.
When a permanent fix is available for November time change a Field Notice will appear here:
http://www.cisco.com...tices_list.html

[AplusWebMaster]

FYI...

Cisco Unified Communications Manager IP Phone PAB Information Disclosure
- http://secunia.com/advisories/34238/
Release Date: 2009-03-12

- http://atlas.arbor.n...ndex#-297480716
March 16, 2009

- http://www.cisco.com...1-cucmpab.shtml
2009 March 11
The following products are vulnerable:
• Cisco Unified CallManager 4.1 versions
• Cisco Unified Communications Manager 4.2 versions prior to 4.2(3)SR4b
• Cisco Unified Communications Manager 4.3 versions prior to 4.3(2)SR1b
• Cisco Unified Communications Manager 5.x versions prior to 5.1(3e)
• Cisco Unified Communications Manager 6.x versions prior to 6.1(3)
• Cisco Unified Communications Manager 7.0 versions prior to 7.0(2)

- http://web.nvd.nist....d=CVE-2009-0632
Last revised: 03/12/2009
CVSS v2 Base Score:9.0 (HIGH)

Cisco Security Advisories
>> http://www.cisco.com...es_listing.html
"Starting on March 26, 2008, Cisco will release bundles of IOS Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.
This schedule change will not restrict us from promptly publishing an individual IOS Security Advisory for a serious vulnerability which is publicly disclosed or for which we are aware of active exploitation..."

Edited by AplusWebMaster, 17 March 2009 - 05:32 AM.

[AplusWebMaster]

FYI...

Cisco IOS bundled advisories...
- http://www.us-cert.g...curity_advisory
March 25, 2009

- http://www.cisco.com...25-bundle.shtml
March 25, 2009 - "... includes eight Security Advisories. All of the advisories address vulnerabilities in Cisco IOS Software. Each advisory lists the releases that correct the vulnerability or vulnerabilities in the advisory, and each security advisory also lists recommended releases that correct the vulnerabilities in the other seven advisories. The table in this document lists releases that correct all Cisco IOS Software vulnerabilities that have been published in Cisco Security Advisories on March 25, 2009, or earlier..."

- http://secunia.com/advisories/34438/2/
Release Date: 2009-03-26
Critical: Moderately critical
Impact: Privilege escalation, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco IOS 12.x, Cisco IOS R12.x...
Solution: Please see the following vendor advisory for fixed versions.
http://www.cisco.com...25-bundle.shtml ...

- http://nvd.nist.gov/...e=CVE-2009-0626
- http://nvd.nist.gov/...e=CVE-2009-0628
- http://nvd.nist.gov/...e=CVE-2009-0629
- http://nvd.nist.gov/...e=CVE-2009-0630
- http://nvd.nist.gov/...e=CVE-2009-0631
- http://nvd.nist.gov/...e=CVE-2009-0633
- http://nvd.nist.gov/...e=CVE-2009-0634

Edited by AplusWebMaster, 31 March 2009 - 02:56 PM.
Added Secunia advisory and CVE links...

[AplusWebMaster]

FYI...

Cisco ASA and PIX multiple vulns - update available
- http://secunia.com/advisories/34607/2/
Release Date: 2009-04-09
Critical: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x ...
Solution: Update to the fixed versions (please see the vendor advisory for patch information)...
Original Advisory:
http://www.cisco.com...90408-asa.shtml ...

[AplusWebMaster]

FYI...

CiscoWorks TFTP vuln - update available
- http://www.cisco.com...090520-cw.shtml
2009 May 20 - "... CiscoWorks Common Services contains a TFTP directory traversal vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.
Note: Only CiscoWorks Common Services systems that run on Microsoft Windows operating systems are vulnerable. The Solaris version of CiscoWorks Common Services is not affected by this vulnerability...
This vulnerability has been corrected in the following CiscoWorks Common Services software patch: cwcs3.x-win-CSCsx07107-0.zip
The CiscoWorks Common Services patch can be downloaded from the following link:
http://www.cisco.com...l/cw2000-cd-one ..."

- http://cve.mitre.org...e=CVE-2009-1161

- http://www.us-cert.g..._advisory_for10
May 20, 2009

- http://isc.sans.org/...ml?storyid=6424
Last Updated: 2009-05-20 18:38:01 UTC

- http://secunia.com/advisories/35179/2/
Release Date: 2009-05-21
Critical: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information, System access
Where: From local network
Solution Status: Vendor Patch ...

Edited by AplusWebMaster, 21 May 2009 - 04:36 AM.
Added Secunia advisory link...

[AplusWebMaster]

FYI...

Cisco IOS - HTTP Server vuln
- http://www.cisco.com...1201-http.shtml
Revision 1.2 - Last Updated 2009 June 19 - " A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. Cisco will be making free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability...
Vulnerable Products: This security advisory applies to all Cisco products that run Cisco IOS Software versions 11.0 through 12.4 with the HTTP server enabled. A system which contains the IOS HTTP server or HTTP secure server, but does not have it enabled, is not affected.
To determine if the HTTP server is running on your device, issue the show ip http server status and show ip http server secure status commands at the prompt and look for output similar to:
Router>show ip http server status
HTTP server status: Enabled
If the device is not running the HTTP server, you should see output similar to:
Router>show ip http server status
HTTP server status: Disabled
Any version of Cisco IOS prior to the versions which will be listed in the Fixed Software section..."

[AplusWebMaster]

FYI...

Cisco IOS vulns...
- http://www.cisco.com...90729-bgp.shtml
Last Updated: 2009 July 30
- http://www.us-cert.g..._advisory_for12

Cisco Wireless LAN Controllers - multiple vulns
- http://www.cisco.com...90727-wlc.shtml
2009 July 27
- http://www.us-cert.g..._advisory_for11

Edited by AplusWebMaster, 30 July 2009 - 10:12 AM.

[AplusWebMaster]

FYI...

Cisco firewall vuln - update available
- http://secunia.com/advisories/36373/2/
Release Date: 2009-08-20
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch ...
Software: Cisco Firewall Services Module (FWSM) 2.x, Cisco Firewall Services Module (FWSM) 3.x, Cisco Firewall Services Module (FWSM) 4.x
Solution: Update to version 3.1(16), 3.2(13), or 4.0(6).
Users of version 2.x should migrate to either 3.x or 4.x.
Original Advisory: cisco-sa-20090819-fwsm:
http://www.cisco.com...0819-fwsm.shtml
Other References: Cisco Applied Mitigation Bulletin:
http://www.cisco.com...0080af151c.html

[AplusWebMaster]

FYI...

> http://atlas.arbor.n...dex#-1060669303

Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
- http://www.cisco.com...90818-bgp.shtml
Last Updated 2009 August 24

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability
- http://www.cisco.com...0819-fwsm.shtml
2009 August 19

Cisco Lightweight Access Point Over-the-Air Provisioning Manipulation Vulnerability
- http://tools.cisco.c...x?alertId=18919
August 25, 2009

Edited by AplusWebMaster, 26 August 2009 - 08:17 AM.

[AplusWebMaster]

FYI...

Cisco: TCP State Manipulation DoS vulns - Multiple Cisco Products
- http://www.cisco.com...908-tcp24.shtml
2009 September 8 - "Multiple Cisco products are affected by denial of service (DoS) vulnerabilities that manipulate the state of Transmission Control Protocol (TCP) connections. By manipulating the state of a TCP connection, an attacker could force the TCP connection to remain in a long-lived state, possibly indefinitely... In some cases, a system reboot may be necessary to recover normal system operation. To exploit these vulnerabilities, an attacker must be able to complete a TCP three-way handshake with a vulnerable system... Cisco has released free software updates that address these vulnerabilities..."
- http://www.cisco.com...-usingswc.shtml

- http://secunia.com/advisories/36618/2/
Release Date: 2009-09-09
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch...