332 replies to this topic

[AplusWebMaster]

FYI...

- http://tools.cisco.c...licationListing

Cisco IOS XR DoS vuln - update available
- https://secunia.com/advisories/49329/
Release Date: 2012-05-31
Criticality level: Moderately critical
Impact: DoS
Where: From remote
CVE Reference:
- http://web.nvd.nist....d=CVE-2012-2488 - 7.8 (HIGH)
A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a Denial of Service (DoS)... There are no workarounds for the vulnerability described in this document... Cisco has released free software updates that addresses the vulnerability...
Original Advisory: Cisco:
http://tools.cisco.c...-20120530-iosxr

Edited by AplusWebMaster, 31 May 2012 - 11:37 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...licationListing

Cisco AnyConnect VPN Client vulns
- https://secunia.com/advisories/49645/
Release Date: 2012-06-21
Criticality level: Highly critical
Impact: System access
Where: From remote
Software: Cisco AnyConnect VPN Client 2.x, 3.x
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2012-2493 - 9.3 (HIGH)
- http://web.nvd.nist....d=CVE-2012-2494 - 4.3
- http://web.nvd.nist....d=CVE-2012-2495 - 4.3
- http://web.nvd.nist....d=CVE-2012-2496 - 6.8
... see the vendor's advisory for the list of affected versions.
Solution: Update to a fixed version.
Original Advisory:
http://tools.cisco.c...-sa-20120620-ac

Cisco ASA 5500 and Cisco Catalyst 6500 DoS vuln
- http://tools.cisco.c...0120620-asaipv6
June 20, 2012
- https://secunia.com/advisories/49647/
CVE Reference: http://web.nvd.nist....d=CVE-2012-3058 - 7.8 (HIGH)

Cisco ACE admin IP Address Overlap vuln
- http://tools.cisco.c...sa-20120620-ace
June 20, 2012
- https://secunia.com/advisories/49646/
CVE Reference: http://web.nvd.nist....d=CVE-2012-3063 - 7.1 (HIGH)

Edited by AplusWebMaster, 23 June 2012 - 10:52 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...licationListing

- http://www.securityt....com/id/1027212
CVE Reference: CVE-2012-3053, CVE-2012-3054, CVE-2012-3055, CVE-2012-3056, CVE-2012-3057
Jun 27 2012
Impact: Execution of arbitrary code via network, User access via network
Version(s): 27.x
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix for Cisco WebEx Business Suite (WBS27):
Client builds 28.1.0 (T28 L10N SP1)
Client builds 27.32.2 (T27 LD SP32 CP2)
Client builds 27.25.11 (T27 LC SP25 EP11)
The vendor's advisory is available at:
http://tools.cisco.c...-20120627-webex

Cisco WebEx Player ARF Processing Buffer Overflow vuln
- https://secunia.com/advisories/49751/
Release Date: 2012-06-28
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2012-3053
Solution: Update to a fixed client build...
Original Advisory: Cisco:
http://tools.cisco.c...-20120627-webex

Cisco WebEx Player WRF Processing multiple vulns
- https://secunia.com/advisories/49750/
Release Date: 2012-06-28
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-3054, CVE-2012-3055, CVE-2012-3056, CVE-2012-3057
Solution: Update to a fixed client build...
Original Advisory: Cisco:
http://tools.cisco.c...-20120627-webex

- https://www.us-cert...._advisory_for31
June 29, 2012
___

- http://h-online.com/-1629845
2 July 2012

Edited by AplusWebMaster, 03 July 2012 - 04:58 AM.

[AplusWebMaster]

FYI...

- http://tools.cisco.c...licationListing

Multiple Vulnerabilities in Cisco TelePresence Recording Server
- http://tools.cisco.c...a-20120711-ctrs
2012 July 11 - "... Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash.
Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges.
Cisco has released updated software that resolves the command and code execution vulnerabilities... There are no workarounds that mitigate these vulnerabilities..."
> http://www.securityt....com/id/1027244
CVE Reference: CVE-2012-2486, CVE-2012-3073, CVE-2012-3076

Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
- http://tools.cisco.c...a-20120711-ctms
2012 July 11 - "... Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities..."
> http://www.securityt....com/id/1027241
CVE Reference: CVE-2012-2486, CVE-2012-3073

Multiple Vulnerabilities in Cisco TelePresence Manager
- http://tools.cisco.c...20120711-ctsman
2012 July 11 - "... Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities..."
> http://www.securityt....com/id/1027241
CVE Reference: CVE-2012-2486, CVE-2012-3073

Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
- http://tools.cisco.c...sa-20120711-cts
2012 July 11 - "... Exploitation of the API Remote Command Execution vulnerability could allow an unauthenticated, adjacent attacker to inject commands into API requests. The injected commands will be executed by the underlying operating system in an elevated context.
Exploitation of the Remote Command Execution vulnerability could allow an authenticated, remote attacker to inject commands into requests made to the Administrative Web interface. The injected commands will be executed by the underlying operating system in an elevated context.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities..."
> http://www.securityt....com/id/1027245
CVE Reference: CVE-2012-2486, CVE-2012-3074, CVE-2012-3075
___

Cisco TelePresence Immersive Endpoint Multiple Vulnerabilities
- https://secunia.com/advisories/49879/
Cisco TelePresence Recording Server Two Vulnerabilities
- https://secunia.com/advisories/49864/
Cisco TelePresence Recording Server Denial of Service Vulnerability
- https://secunia.com/advisories/49880/
Cisco TelePresence Products Denial of Service and Code Execution Vulnerabilities
- https://secunia.com/advisories/49915/

Edited by AplusWebMaster, 12 July 2012 - 07:51 AM.

[AplusWebMaster]

FYI...

Cisco ASA SIP and WebVPN Bugs ...
- http://www.securityt....com/id/1027355
CVE Reference: CVE-2012-2472, CVE-2012-2474
Aug 7 2012
Version(s): ASA 5500 Series; 8.2 - 8.4
Description: Two vulnerabilities were reported in Cisco ASA. A remote or remote authenticated user can cause denial of service conditions.
Impact: A remote user can cause excessive memory consumption on the target system.
... vendor's advisories are available at:
http://www.cisco.com...es/asarn84.html
http://www.cisco.com...ease-Notes.html

Cisco AnyConnect Secure Mobility Client Bugs ...
- http://www.securityt....com/id/1027354
CVE Reference: CVE-2012-2498, CVE-2012-2499, CVE-2012-2500
Aug 7 2012
Version(s): 3.0 - 3.0.08066
Description: Several vulnerabilities were reported in Cisco AnyConnect Secure Mobility Client. A remote user can spoof a system.
Impact: A remote user with the ability to conduct a man-in-the-middle attack can spoof a target server.
... No fix was available for CVE-2012-2498.
The vendor's advisory is available at:
http://www.cisco.com...onnect30rn.html

Cisco IP Communicator Bug ...
- http://www.securityt....com/id/1027353
CVE Reference: CVE-2012-2490
Aug 7 2012
Version(s): 8.6
Description: A vulnerability was reported in Cisco IP Communicator. A remote user with the ability to conduct man-in-the-middle attacks can modify the Certificate Trust List.
Impact: A remote user with the ability to conduct man-in-the-middle attacks can modify the Certificate Trust List.
Solution: The vendor has issued a fix (8.6.2).
The vendor's advisory is available at:
http://www.cisco.com.../CIPC8x_RN.html

Cisco NX-OS CDP Packet Processing Flaw ...
- http://www.securityt....com/id/1027352
CVE Reference: CVE-2012-2469
Aug 7 2012
Version(s): Nexus 7000 Series Switches; 4.2, 5.0, 5.1, and 5.2
Description: A vulnerability was reported in Cisco NX-OS. A remote user can cause denial of service conditions...
Impact: A remote user can cause the target device to reset.
Solution: The vendor has issued a fix (5.2(1)).
The vendor's advisory is available at:
http://www.cisco.com...lease_note.html

Cisco Carrier Routing System ...
- http://www.securityt....com/id/1027351
CVE Reference: CVE-2012-1342
Aug 7 2012
Version(s): 3.9, 4.0, 4.1
Description: A vulnerability was reported in Cisco Carrier Routing System. A remote user can bypass access control lists...
Impact: A remote user can bypass ACL entries.
Solution: The vendor has issued a fix (3.9.2).
The vendor's advisory is available at:
http://www.cisco.com...areid=280867577

Cisco Unified Computing System SSH Processing Flaw ...
- http://www.securityt....com/id/1027350
CVE Reference: CVE-2012-1339
Aug 7 2012
Version(s): 2.0
Description: A vulnerability was reported in Cisco Unified Computing System. A remote user can cause denial of service conditions...
Impact: A remote user can cause denial of service conditions.
Solution: The vendor has issued a fix (2.0(2m)).
The vendor's advisory is available at:
http://www.cisco.com...s/OL_25363.html

Cisco Catalyst Switch Local Web Authentication Bug ...
- http://www.securityt....com/id/1027349
CVE Reference: CVE-2012-1338
Aug 7 2012
Version(s): Catalyst 3560 and 3750 series; running IOS 15.0, 15.1
Description: A vulnerability was reported in Cisco Catalyst Switch. A remote authenticated user can cause denial of service conditions.
Impact: A remote authenticated user can cause the target device to reload.
Solution: The vendor has issued a fix (15.0(1)SE1).
The vendor's advisory is available at:
http://www.cisco.com...es/OL25302.html

Cisco MDS Fibre Channel over IP Flaw ...
- http://www.securityt....com/id/1027348
CVE Reference: CVE-2012-1340
Aug 7 2012
Version(s): 9000 Series; 4.2 and 5.2
Description: A vulnerability was reported in Cisco MDS. A remote user can cause denial of service conditions.
Impact: A remote user can cause a module reload on the target system.
Solution: The vendor has issued a fix (5.2(2)).
The vendor's advisory is available at:
http://www.cisco.com..._notes_522.html

[AplusWebMaster]

FYI...

Cisco IOS SSL VPN DoS vuln
- https://secunia.com/advisories/50264/
Release Date: 2012-08-13
Impact: DoS
Where: From remote
Operating System: Cisco IOS 15.1, Cisco IOS 15.2
CVE Reference: http://web.nvd.nist....d=CVE-2012-1344
Solution: Apply patches (please see the vendor's advisory for more information)...
Original Advisory:
http://tools.cisco.c...x?alertId=26602
"... Updates are available... Cisco IOS versions 15.1 and 15.2 are vulnerable when an affected device running the vulnerable software is configured with a clientless SSL VPN..."

> http://www.cisco.com...151-2TCAVS.html
___

Cisco Emergency Responder v8.7 released
- https://secunia.com/advisories/50266/
Release Date: 2012-08-13
Impact: DoS
Where: From local network
CVE Reference: http://web.nvd.nist....d=CVE-2012-1346
... vulnerability is reported in versions prior to 8.7.
Solution: Update to version 8.7.
Original Advisory:
http://tools.cisco.c...x?alertId=26610

> https://www.cisco.co...chapter_00.html

Edited by AplusWebMaster, 13 August 2012 - 10:41 AM.

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

Cisco IOS XR Software Route Processor DoS vuln
- http://tools.cisco.c...-20120530-iosxr
2012 August 15 Rev 2.0
Summary: Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability..."

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco Unified Presence / Jabber XCP Stream update available
- https://secunia.com/advisories/50562/
Release Date: 2012-09-13
Criticality level: Moderately critical
Impact: DoS
Where: From remote
Software: Cisco Jabber Extensible Communications Platform (Jabber XCP) 5.x, Cisco Unified Presence 8.x ...
CVE Reference: http://web.nvd.nist....d=CVE-2012-3935 - 7.8 (HIGH)
Original Advisory:
http://tools.cisco.c...20120912-cupxcp
"... Successful exploitation of this vulnerability could cause the Connection Manager process to crash. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability..."

Cisco ASA-CX / Cisco PRSM update available
- https://secunia.com/advisories/50592/
Release Date: 2012-09-13
Impact: DoS
Where: From local network
Software: Cisco ASA-CX Context-Aware Security 9.x, Cisco Prime Security Manager (PRSM) 9.x
... security issue is reported in versions prior to 9.0.2-103.
CVE Reference: http://web.nvd.nist....d=CVE-2012-4629 - 7.8 (HIGH)
Solution: Update to version 9.0.2-103.
Original Advisory:
http://tools.cisco.c...-20120912-asacx
"... There are no workarounds for this vulnerability, but some mitigations are available. Cisco has released free software updates that address this vulnerability..."

Edited by AplusWebMaster, 13 September 2012 - 02:46 PM.

[AplusWebMaster]

FYI...

Cisco IOS SSLVPN DoS vuln - IOS 15.2(1)T3 released
- https://secunia.com/advisories/50676/
Release Date: 2012-09-19
Impact: DoS
Where: From local network
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2012-3923
- http://web.nvd.nist....d=CVE-2012-3924
... vulnerability has been reported in Cisco IOS, which can be exploited by malicious users to cause a DoS...
... vulnerability is reported in versions prior to 15.2(1)T3.
Operating System: Cisco IOS 15.2
Solution: Update to version 15.2(1)T3.
Original Advisory: Cisco (CSCte41827, CSCty97961):
http://www.cisco.com...152-1TCAVS.html
___

- http://tools.cisco.c...cationListing.x

Cisco AnyConnect Secure Mobility Client ...
- http://tools.cisco.c...-sa-20120620-ac
Revision 2.0
Last Updated: 2012 September 19

Edited by AplusWebMaster, 19 September 2012 - 11:57 AM.

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

>> http://www.cisco.com..._ERP_sep12.html
Sep 26, 2012 - "... semiannual Cisco IOS Software Security Advisory Bundled Publication..."

Cisco IOS Software Session Initiation Protocol DoS vuln
- http://tools.cisco.c...sa-20120926-sip
2012 Sep 26 - Summary: A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause an affected device to reload. Affected devices must be configured to process SIP messages and for pass-through of Session Description Protocol (SDP) for this vulnerability to be exploitable. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability...

Cisco Unified Communications Manager Session Initiation Protocol Protocol DoS vuln
- http://tools.cisco.c...a-20120926-cucm
2012 Sep 26 - Summary: Cisco Unified Communications Manager contains a vulnerability in its Session Initiation Protocol (SIP) implementation that could allow an unauthenticated, remote attacker to cause a critical service to fail, which could interrupt voice services. Affected devices must be configured to process SIP messages for this vulnerability to be exploitable. Cisco has released free software updates that address this vulnerability. A workaround exists for customers who do not require SIP in their environment...

Cisco IOS Software Tunneled Traffic Queue Wedge vuln
- http://tools.cisco.c...26-c10k-tunnels
2012 Sep 26 - Summary: Cisco IOS Software contains a queue wedge vulnerability that can be triggered when processing IP tunneled packets. Only Cisco IOS Software running on the Cisco 10000 Series router has been demonstrated to be affected. Successful exploitation of this vulnerability may prevent traffic from transiting the affected interfaces. Cisco has released free software updates that addresses this vulnerability. There are no workarounds for this vulnerability...

Cisco IOS Software DHCP DoS vuln
- http://tools.cisco.c...a-20120926-dhcp
2012 Sep 26 - Summary: Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a single DHCP packet to or through an affected device, causing the device to reload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available...

Cisco IOS Software Network Address Translation vulns
- http://tools.cisco.c...sa-20120926-nat
2012 Sep 26 - Summary: The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service (DoS) vulnerabilities in the translation of IP packets. The vulnerabilities are caused when packets in transit on the vulnerable device require translation. Cisco has released free software updates that address these vulnerabilities...

Cisco IOS Software Intrusion Prevention System DoS vuln
- http://tools.cisco.c...0120926-ios-ips
2012 Sep 26 - Summary: Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS) feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available...

Cisco IOS Software DHCP Version 6 Server DoS vuln
- http://tools.cisco.c...20120926-dhcpv6
2012 Sep 26 - Summary: Cisco IOS Software and Cisco IOS XE Software contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a crafted request to an affected device that has the DHCP version 6 (DHCPv6) server feature enabled, causing a reload. Cisco has released free software updates that address this vulnerability...

Cisco IOS Software Malformed Border Gateway Protocol Attribute vuln
- http://tools.cisco.c...sa-20120926-bgp
2012 Sep 26 - Summary: Cisco IOS Software contains a vulnerability in the Border Gateway Protocol (BGP) routing protocol feature. The vulnerability can be triggered when the router receives a malformed attribute from a peer on an existing BGP session. Successful exploitation of this vulnerability can cause all BGP sessions to reset. Repeated exploitation may result in an inability to route packets to BGP neighbors during reconvergence times. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability...

Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E DoS vuln
- http://tools.cisco.c...sa-20120926-ecc
2012 Sep 26 - Summary: The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...

Edited by AplusWebMaster, 27 September 2012 - 08:51 AM.

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

Cisco Firewall Services Module
- http://tools.cisco.c...a-20121010-fwsm
2012 October 10
Summary: The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities:
DCERPC Inspection Buffer Overflow Vulnerability
DCERPC Inspection Denial Of Service Vulnerabilities
... Exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to trigger a reload of the affected device, or to execute arbitrary commands. Repeated exploitation could result in a denial of service (DoS) condition.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities...
> http://www.securityt....com/id/1027640
CVE Reference: CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
Oct 10 2012
- https://secunia.com/advisories/50857/
Release Date: 2012-10-11
Criticality level: Moderately critical
Impact: DoS, System access
Where: From local network
Software: Cisco Firewall Services Module (FWSM) 4.x
CVE Reference(s): CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
... vulnerability affects versions prior to 4.1(7).
Solution: Update to version 4.1(9).

Cisco WebEx Recording Format Player
- http://tools.cisco.c...-20121010-webex
2012 October 10
Summary: The Cisco WebEx Recording Format (WRF) player contains six buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user... If the Cisco WebEx WRF Player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the Cisco WebEx WRF Player was manually installed, users will need to manually install a new version of the Cisco WebEx WRF Player after downloading the latest version from http://www.webex.com...-recording.html . Cisco has updated affected versions of the WebEx meeting sites and Cisco WebEx WRF Player to address these vulnerabilities...
> http://www.securityt....com/id/1027639
CVE Reference: CVE-2012-3936, CVE-2012-3937, CVE-2012-3938, CVE-2012-3939, CVE-2012-3940, CVE-2012-3941
Oct 10 2012
Impact: Execution of arbitrary code via network, User access via network
Solution: The vendor has issued a fix (27.32.10 (T27LDSP32EP10), 28.4 (T28.4))...
- https://secunia.com/advisories/50905/
Release Date: 2012-10-11
Criticality level: Highly critical
Impact: System access
Where: From remote...
Software: WebEx Recording Format Player
CVE Reference(s): CVE-2012-3936, CVE-2012-3937, CVE-2012-3938, CVE-2012-3939, CVE-2012-3940, CVE-2012-3941
Solution: Update to version 28.4 or 27.32.10.

Cisco ASA 5500 Series Adaptive Security Appliances / Catalyst 6500 Series ASA Services Module
- http://tools.cisco.c...sa-20121010-asa
2012 October 10
Summary: Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) may be affected by the following vulnerabilities:
DHCP Memory Allocation Denial of Service Vulnerability
SSL VPN Authentication Denial of Service Vulnerability
SIP Inspection Media Update Denial of Service Vulnerability
DCERPC Inspection Buffer Overflow Vulnerability
Two DCERPC Inspection Denial Of Service Vulnerabilities...
Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities...
> http://www.securityt....com/id/1027641
CVE Reference: CVE-2012-4643, CVE-2012-4659, CVE-2012-4660, CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
Oct 10 2012
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Solution: The vendor has issued a fix (7.2(5.8), 8.0(5.28), 8.1(2.56), 8.2(5.33), 8.3(2.34), 8.4(4.5), 8.5(1.14), 8.6(1.5))...
- https://secunia.com/advisories/50871/
Release Date: 2012-10-11
Criticality level: Moderately critical
Impact: DoS, System access
Where: From remote
Operating System: Cisco Adaptive Security Appliance (ASA) 7.x - 8.x, Cisco ASA 5500 Series Adaptive Security Appliances
CVE Reference(s): CVE-2012-4643, CVE-2012-4659, CVE-2012-4660, CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
For more information: https://secunia.com/SA50857/
Solution: Update to version 7.2(5.8), 8.0(5.28), 8.1(2.56), 8.2(5.33), 8.3(2.34), 8.4(4.5), 8.5(1.14), or 8.6(1.5)...

Edited by AplusWebMaster, 11 October 2012 - 08:32 AM.

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

Cisco Prime Data Center Network Manager vuln
- http://tools.cisco.c...a-20121031-dcnm
2012 Oct 31 - "Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. Cisco has released free software updates that address this vulnerability...
Vulnerable Products: All Cisco Prime Data Center Network Manager releases prior to release 6.1(1), for both the Microsoft Windows and Linux platforms, are affected by this vulnerability...

- https://secunia.com/advisories/51129/
Release Date: 2012-11-01
Criticality level: Moderately critical
Impact: System access
Where: From local network
CVE Reference: http://web.nvd.nist....d=CVE-2012-5417 - 10.0 (HIGH)
... security issue is reported in versions prior to 6.1(1).
Solution: Update to version 6.1(1).
Original Advisory: Cisco:
http://tools.cisco.c...a-20121031-dcnm
___

Cisco Unified MeetingPlace Web Conferencing vulns
- http://tools.cisco.c...-sa-20121031-mp
2012 Oct 31 - "Cisco Unified MeetingPlace Web Conferencing is affected by two vulnerabilities:
Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability
Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability...
Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities...

- https://secunia.com/advisories/51103/
Release Date: 2012-11-01
Impact: Manipulation of data, DoS
Where: From local network
CVE Reference(s):
- https://web.nvd.nist...d=CVE-2012-0337 - 6.5
- https://web.nvd.nist...d=CVE-2012-5416 - 7.8 (HIGH)
... vulnerabilities are reported in versions prior to 7.0, 7.0, 7.1, 8.0, and 8.5.
Solution: Update to version 7.1MR1 Patch 1, 8.0MR1 Patch 1, or 8.5MR3.
Original Advisory: Cisco:
http://tools.cisco.c...-sa-20121031-mp

Edited by AplusWebMaster, 02 November 2012 - 12:37 PM.

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability
- http://tools.cisco.c...sa-20121107-acs
2012 Nov 7 - "Summary: Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the authentication protocol and Cisco Secure ACS is configured with a Lightweight Directory Access Protocol (LDAP) external identity store.
An attacker may exploit this vulnerability by sending a special sequence of characters when prompted for the user password. The attacker would need to know a valid username stored in the LDAP external identity store to exploit this vulnerability, and the exploitation is limited to impersonate only that user. An exploit could allow the attacker to successfully authenticate to any system using TACACS+ in combination with an affected Cisco Secure ACS.
Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability..."

[AplusWebMaster]

FYI...

- http://tools.cisco.c...cationListing.x

Cisco Ironport Appliances Sophos Anti-Virus Vulnerabilities
- http://tools.cisco.c...20121108-sophos
2012 Nov 9 - "Summary: Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web Security Appliances (WSA) include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a denial-of-service (DoS) condition. An attacker could exploit these vulnerabilities by sending malformed files to an appliance that is running Sophos Anti-Virus. The malformed files could cause the Sophos antivirus engine to behave unexpectedly. As updates that address these vulnerabilities become available from Sophos, Cisco is working to qualify and automatically provision them through the Cisco Ironport ESA and WSA platforms...
Workarounds: Only Cisco Ironport ESA and WSA running Sophos Anti-Virus are vulnerable. Appliances running other antivirus programs are not affected. To mitigate this issue, customers can configure the Cisco Ironport appliances to use an alternate antivirus program. Cisco is providing 30-day trial licenses for McAfee AntiVirus through Ironport Technical Support as an interim workaround. To obtain a 30-day McAfee license please contact Ironport Technical Support at http://www.ironport....ct_support.html
Customers can enable the 30-day evaluation key by accessing Security Services > Sophos/McAfee Anti-Virus pages in the Web GUI or by running the antivirusconfig command in the CLI..."

[AplusWebMaster]

FYI...

> http://tools.cisco.c...cationListing.x

Cisco Prime LAN Management Solution Command Execution vuln
- http://tools.cisco.c...sa-20130109-lms
2013 Jan 9 - "Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports. An attacker could exploit this vulnerability by connecting to the affected system and sending arbitrary commands. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability..."
- https://secunia.com/advisories/51814/
Release Date: 2013-01-10
Criticality level: Moderately critical
Impact: System access
Where: From local network...
Solution: Update to version 4.2.3 or apply patches.

Cisco Unified IP Phone Local Kernel System Call Input Validation vuln
- http://tools.cisco.c...130109-uipphone
2013 Jan 9 - "Cisco Unified IP Phones 7900 Series versions 9.3(1)SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges... Mitigations are available to help reduce the attack surface of affected devices. See the "Details" section of this security advisory and the accompanying Cisco Applied Mitigation Bulletin (AMB) for additional information..."
- https://secunia.com/advisories/51768/
Last Update: 2013-01-18
Solution: The vendor has released Engineering Special 9.3(1)-ES11, which mitigates the vulnerability...
Original Advisory:
- http://tools.cisco.c...130109-uipphone

Edited by AplusWebMaster, 20 January 2013 - 10:14 AM.