[c-nsp] Cisco PSIRT - Mitigating and Detecting Potential Abuse of Cisco Smart Install Feature
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco PSIRT has become aware of attackers abusing the Smart Install (SMI) feature in Cisco IOS and Cisco IOS XE Software. While this is not considered a vulnerability, PSIRT has published a Cisco Security Response on February, 14th to inform customers about possible abuse of the Smart Install feature if it remains enabled after device installation. The associated Security Response also provides guidance on actions customers can take to protect their networks against abuse of this setup feature. Cisco recommends customers review the linked documents and assess their networks for potential exposure. https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170214-smi https://blogs.cisco.com/security/cisco-psirt-mitigating-and-detecting-potential-abuse-of-cisco-smart-install-feature -BEGIN PGP SIGNATURE- iQIVAwUBWLnRAq89gD3EAJB5AQIg9g//WD6liFO/eMFkE+FgMiML3zCbahWjCU78 1z/mSO4kr6lI1mk3l2REbfcM3T2ErntXhA+rbUcGEKosckccEf+Msy+CIBOW0nKt IQEjdwwS0xQXm7fyMRJACei8dxXxHgsS+zbqSvfximTmr/KmVwyhzEUPjxXibWE4 4d6Q+9cjFJuKyp9slrNaYymSo7t3VIt/9msXXBVslMNgoIbOi4xm/Mag6/MH8U7L JZCu0ADXHgxLHWFmzuLVup0BsFjNDhN+w5fRD8Jxyg3HaNozdXnVhxn9LAL0QMZo N/774c9sS/CiWIC9+0HY8fNwR7ga+uEZmraVK0YI9O8Ln7KpigfOj+2d669OwQQm GqLLK62CsAY9M1CDAVcXT5UPfvC0lKJlNSsEAb6IGF9XVrZ+TnXsJB2Vw1GywV7i VznvK12M+2vDbLOYxMz5D2gKLGdhmv0kFcAkbXRsUUjaB6O+XK9GGAkhrCahc6xL 5/4pt+870tknTlQbvo9OZJ5jywJmanVDelaI+2+FqZ1gWRZJ0jhtXnB/xCpUWU3W OwvvPJMnp6jPEcvkdnxneR9dN1ewvmADe4ExEblJ4eRn/oi+Fzubhd21RWpRmHgU RtkysYG1ixpoyQY13ufHaUQAtGyxE4qTyYhBSI0QeMPEQ9h4suNgSLLidMq/+odE rHQh505HFKs= =BUWq -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability Advisory ID: cisco-sa-20170215-ucs Revision 1.0 For Public Release 2017 February 15 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. Attackers could exploit this vulnerability by enabling Developer Mode for their user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to the profile. An exploit could allow attackers to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs -BEGIN PGP SIGNATURE- iQIVAwUBWKRpgq89gD3EAJB5AQIH3g//UJsdf7eZW8Igzg1NAEAcGVZfnPxA3jlf wzps6+/z0fer3HbPtVFtH+Usl/RTQoH6Kg9e3ysZm9/UsYYMVMEBX6g9m8ICue0S dbAXmJC5hPtCmlHIO5J1te6KC2R+2uWt+6Uclkj+N/S0gj5V2KYKzsWvQF8rjUVl KemWygJshFzA5MuPWRNdXebBQwjHi6vhtK3rWjTQYafxSqpamjYa+k1AJ8UnlTnO yyVjURVlxh4P+KQizOMVg/Wi7ju/PVvyQN90eJ5/XHR2s8Fuq7xx0RsheMaLTTma 0hjOTkK70ckVVKe9o7XMBd+d2QONEueu503NUBbb1tCF1yjWCYBIn9AZvzY2CIRe /EhZxCoo0zmfbcOdKbkXnB3WnyHDX6Mln+QrS8+XgalDs/t/csk1fEieoT0VwZ23 BJWFrzmA56JfqKBJ4QrgpyNAeymkglUjpXl5w1m54AyCEgbr+sIGhoS6q70ZfkaK N9HRB4ORERjzVZ3YJsAHxp55Z8nYk3KIsN+ueUU5G+a01ACDoFzi0Mqg03Fs22mB syB0OvQwjvGBZjJE6bxC/D6/q2X/dCqdypdUMLwOVklyAs6GCzZTyO//dFQDMZXu Vpa1Lkp0617CBJXbH95ba07t7eEBQOXqNVNlj3JwO6qr48xSfw3rPkCsmv+0CggY FQlDeTuY29A= =W9Wa -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Response: Cisco Smart Install Protocol Misuse
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Response: Cisco Smart Install Protocol Misuse Response ID: cisco-sr-20170214-smi Revision 1.0 For Public Release 2017 February 14 16:00 UTC (GMT) +- Summary === Several researchers have reported on the use of Smart Install (SMI) protocol messages toward Smart Install clients, also known as integrated branch clients (IBC), allowing an unauthenticated, remote attacker to change the startup-config file and force a reload of the device, upgrade the IOS image on the device, and execute high-privilege CLI commands on switches running Cisco IOS and IOS XE Software. Cisco does not consider this a vulnerability in Cisco IOS, IOS XE, or the Smart Install feature itself but a misuse of the Smart Install protocol that by design does not require authentication. Customers who seek more than zero-touch deployment should consider deploying the Cisco Network Plug and Play solution instead. Cisco has updated the Smart Install Configuration Guide to include security best practices regarding the deployment of the Cisco Smart Install feature within customer infrastructures: http://www.cisco.com/c/en/us/td/docs/switches/lan/smart_install/configuration/guide/smart_install/concepts.html#23355 This response is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170214-smi -BEGIN PGP SIGNATURE- iQIVAwUBWKMqP689gD3EAJB5AQIhmg//bOM1Zdt3KCjzNpQ2dCyOVDA8l1yM6h4w MJMUE8kqxUHKtKP9dCqDNKJt18XEWX1hOBNitiUqCIksaLDntRDjlkuA9dAayAHE s7zvlrjV0OWJ9gNjUAc7Kb8fhwQVf3FIBiuRciy14y+8WBeTBGejYZgdK6vax0BQ /uP16dlViu+dUSmS3+K79lZ+7oJUKJWEcniA1dmvT6Rn5V5asj7sy9W6CA+X9ehm kahOFeZJibnynFX6cDH1V7gvnWbo62PtgZ+NPkRFscXIlJhAYUOxFLOdF227GBRo sTvjfitx64uWVd2u3HFDPmFAw1V2dX86AlNm8P8Bp6S2+jvJ3SprZZ1j3+vt1AEn j5L5sc7IJpjCjj/JLxFI3iQOBZBnXQXU4XHxvdorMt067CijcwQbPYSM52oAdG8d Bemos1BvBt5q/yIUV/tkYchdFMNsUrPBEjma4xf3l4RQQsrYvDhbJRTVi/z4Tjhw fT6I3NHax2rxIc936l3zMXsPSPCbpjKYMWPA0xraIfceCi6Ujkm/0aX5Lxx/rAa7 Utcg/pMDFNpl+LWyPhJ1egTvRjNm8XDnIsDmybmUdssxjp0RtJHAUDyKlu+OKK4g X3/8i+Ke0XrYFj2aag809ykRhwydveIJ3BFoUp7HiiAA5lOslR0g7hs30WgTW5UK rsLWNm4W6vw= =4PAE -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability Advisory ID: cisco-sa-20170208-asa Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +- Summary === A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYmzrBAAoJEK89gD3EAJB5EnUQAJvwO4o8k7USSiKn6WOoL3e6 +xm9hU+un1C3En1VjHE+l64c5/INlNgMdqxU1ZpTIV/7azsgL75Y98XHCGRcdpNT 8eZkVSFdkskopqTzPhccHg98uP2PiKFbBYXiFph5hoVzzUEjfTnTdR+f4lqomGwp F4rgNpvfU44N5ytdR/wK/pOcmqvcqYA4d9FKHsjb/3uQqAqWoX6TlWWruAlu4kUt 0T/mPUvD9heTKjzSFIk58P2iUqpkSf33TxhAnwhv1UBsjZvOaXUH7kwEzfJjwJI8 Dife+6lOHzkSZJ5g/m/TDoNxDOu5DybrudMKf3KmjCPBxuh7L7/pEu1PmNHX3Gn/ 8W+dsKWIVCPI0ZqkGOgkDpkvdmKXskCH9gCtuaUq4B3teSaESulz5rHy9rvqieHH cwauoiNS8tonacBPOSwIAbCPFCiGM2MUsYXH+08IMbI+cGuRuTLyQCLLYKVG+ArE Pmshi9WbqrNJ4RtSaQ15jva5rkBjVuy3xhkt5yyN1GEQRr7MlNJBs2h/8u6/yKgo kr2WcPvtP4vcNZeC2ThKTmb09h6L4JzK67JJMZaORnIPigdyiY2vG7KvU03Q+HHI XbTeH/dgDTm6EOT7575/I8jegwGAXFqMZGxDyBIutJHviw/eJCjqdenrWZn+1amn i3VqKIeVzO2M8CINO026 =XUkg -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability Advisory ID: cisco-sa-20170208-anyconnect Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +- Summary === A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYmzQYAAoJEK89gD3EAJB5ShwQANzEV1txdm9Sb7W+5YB7jt61 bkfUi8XQAHxI0BavOPY5DOwNAdAzqVhSXPyY6PLminlCCE2xoVd/+xkXVZjs/3bW 1BEZPkc408L0TCagT0JMwKSStvvKqyOBMFAblgOh/OtRHI8Yfkmxz8xEE0Zyx/oq KCcHwh9uiqBjPNTIos/oM7gf1BwXO9HW4NvsvSNjjS+xhDbEsf3Rev1lpHJdiEic JqFfHqgVs7mkd+A5q1MIINo/rSoAXu3Qu4oyNs0IYzQi8nr1DqI64hhSGvapp5qe nsy7ryF3WL5DfJP/GGG6WNZfQqDA/HU+Wsh8fdeoExIRAhcsKK9pgx09+XpnEpv9 +IyLp6HcjnTSBS1LATVYGfKTk7LOhOwpz3Dr5yJUxM2sD45/ZRpDaU5HfmN94R01 6to6XPcXVYEqQNfXi2EVvlgdcE4vbI0JygDS/gWLeExNmpo1LANth9tKNj7BNJOp 0AZvThX+sG6wJhaVxVP9fOJ+CznNa01RzLkinBjPXcjCqL4PH+8kJfuEYZOEPhy1 1XcCdyW09tpkL1TzBQNFC8dBHEkB4Zq118oclgfMwjA52Gr8bBh35itdxgQuAzX7 obNZcuqk4Ky44gMfPEjgcj9Ku2CxwwY0igrusE1f/hWgjFaATHYiDkn7G3fwezfp U6hzONkgWE1mKTsm1oIq =68r4 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability Advisory ID: cisco-sa-20170201-prime-home Revision 1.0 For Public Release 2017 February 1 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home -BEGIN PGP SIGNATURE- iQIVAwUBWJHyOa89gD3EAJB5AQIIsBAAzigHM2b3CTJ8/YbZyE4MF70eF0rWHN6o pTOK5kZkKgdqAVruuApy7SRf/VzEN+DzifId1oYiWG0bTHjUcxV3hXq59IN4tHbD 8o5TUwc4rqRME/MS3bts3NeCl+xBvyu/uCuDWJK5ENOA29aMMe7kifJlmgyFhX3Y ywSqS+6g5YdTi7MDEgId7wZRXFKBpMimU4vhEdnaytxmQGtCIi6UGeO673bUUBDA fhU9RYktiJISwOP4l06Q+oMcbU5Kw3A89OMmRiSnBe34piDLhUHcSW5UFgUfvU5l b50XuomRS5h/dteP+A+SexFai1szYt4v+Vv5XF5R4Z1BefmFSqcobSuu1/BrMTuD kBoQqZhe92SHhDs7MVqRL12uT4v/h/saAvEZy7EO483rZcSIzURFkwg5Ft8vsK02 3h1H+AmeYjedI03cfAxsd8NJ8EbgHeLwXOLgTNfiVS5jIv9vrB8gNey7yoXi6iOj mFo+pOysoMI66R1rtkgDQm2vLVqOI0+xUlPa8P94N5MWKF8rFsa9bJkXR0/kaotD EHI11ZaQIsP/E2OCK7MHymnmbkNl42bWghLIMXDVmlJ79oyMcjcCQAU1DaTJAu0l j03VX9FOqLmSwX3vslCUY7Tdgp64I5yTTUZ0n3bP9/0K5D0ISt9XaQwP+4/BwDAG fZECne7i/l8= =3ql4 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability Advisory ID: cisco-sa-20170125-telepresence Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-telepresence -BEGIN PGP SIGNATURE- iQIVAwUBWIeDdK89gD3EAJB5AQI79RAAplmPBpkFRYb4q6MDIh+/vve0iCnqG3wr 9jBWnzBazufUTII3085vH9snHmZjw2ffliVNv6DsWVXeouuxKgKHMi63dHoLmOTc wvfAGCY8Ag9ML9or0ksOgeKcSq4qgmVqZDN163CvFtG/bq2W1yNqSOeNT2ay00SA Xe0mP/lzqzgI0V7kw8Z3JmGq01sOOgTNV/RV3f5ZQOG3JpXQUuto8YfDwug3F1sl JnNloBK2DNi5c6PzopqH2nYgWmOokv2VsSZchV7dZHHuwpL4yif3BY3p6SnZm6bc ijTI2RhAfGf8NMMkGGoj/qYWn0JgzUEJ0sjPnpEmk2wo7YrdiABussvQ7HhHjaIB 3ayzYMoPI5RfMXiBgFgz5Y0YSJPj/WUNEMc2P7uzWTXq9WHEI26Mpp9Abc5w/lYC e73xzbLwpEqCMwhNtjPCXZizG7bkOUeNWQCZv7SzRPB2vFpHUOGqUlpjHN5hygfk 576+N1nFcDcck6lpYGjuEcvbHQ+uJtQgGNcxm/8HHtApG44OFrN2lfy3nRolt9ib hngttXqZjvW8Z1TAwQmohzaio46lNlLpBbHj2lsT0WeluP6YTbGW3hybHqnDDui6 Nr6hmdyGkCay9zIvPwRsisDUOltu2x3RU/cAPFvqk3//fkyrCQ5b9/6o/qh+MKZN SLjZF80kyW8= =bl4y -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability Advisory ID: cisco-sa-20170125-expressway Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-expressway -BEGIN PGP SIGNATURE- iQIVAwUBWIeDZq89gD3EAJB5AQJoOhAAm8pNabl5Kr9d+LAe4IluOsqyeHf2gMg0 drcfsdA36rLpGDHkjNrY8bLkOpC1CG+XM0DNTcRztggya05W4EiI26DmFyxlIWyR bVI6h5VcTO4TpqNRrIYq9+iqEV2oKKTLNcBn5YCS0qU2dwGoN882cFoUsgKQcnCj etLfzRByCEpAye02Lz8bZFRuRdPe98GCqxo7mSnZzxQNtiUfN1LfUvlryoeDh01J d0oDQy8fsOtoKfWJi6DtZwZO79ySJ3Z6FDp03Xd2OqJmWNCMfYYkmzKMrfMI/Jyo l1Ze70epM9SJyxZp0h5dsSDryCMQdBvdwlhQuk84Dnu1hZOTcM2d88KhWIEpiUGo RcVQsAHMMkqHZYz14uy1bRc5Y0QxRu8WooSVQsDofSOJD/p33aDGudgnPZwyEvQQ V2w5oQ29jEiInPd+sadpBUtVcq2/EI79qJK9PaLmx7ML3lZmKynXfwCyWbS5o91q orsl7/+/EH+ty3VKF0c6x8n5tnRMTEfaD+bL7akjGaespehEL7t5qQiIHIBxWleX jXpYh5NeoVPGARMoQt6KtDsbjPY0I4nVbb5kTRoKMQ/9kZ3H0FAwxUwkKAnEVt6C g7USmB32lBaSCqnKAuRzOVz8bSy/6rdG9Br7bTZ8ezQatOCZBgmu5cBZ5yNVTxsb aifANu7jBdc= =fBku -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability Advisory ID: cisco-sa-20170125-cas Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas -BEGIN PGP SIGNATURE- iQIVAwUBWIeDV689gD3EAJB5AQJ5Zg//a3dCro6pWqKHfveTah65APzs2XpMIMIk 3D7dKxnm1d6g0TKOI+lGcqDlgTnApDGJNAtAxhYqFN+w/RofPHTY5FzRZHzoikYc d3rWZkPmLPld/WjdTq+yHH0yFC/fyjYE9jFRD96uV3AyCWJZbX3931mAotJp4YKL McteDcw1tzZkoR5uOmbks6pzBbS70ZxYZ6o2fz9MhdIbBK9OfMp61sfIRGF/L8n9 Jbyc+Boqru29lTjwmWmeMq39G+gAm6QQxTKA0yiIq43RrHrDc+jGCW3jXQ58ptYn geG5xQngqWSI/0/2q4R5GHmVXbprrWu4jvdYcM8z9FRi03wYkivMbLjAP0k41oX3 OQOIsR0frAxtAhmjQ62njOMbmWPVwyCxr+NKacQl0VfyXubiyGWVsM+APu3Kxowo hlCKHnV+J1/8I9yx8rqUe8kqdoNM9edMUUC9M2DP5oscG76kP9sIfu8ZujHxwmsd ehp64NTrYfWLDLvlhCvkSli/74wfC7fjou/lLatqZd2l9Q17wBhhd0/Sq8DMNw6U 1NZgT/WKDq35nOPwmVYm1JyClhMx0bmbxCGwRICDTjW+kWZKQV16Bm4lOeHFKoPq LtS5DI8l4oJHa91g25BIkEP3A5GH57k6drPi1UaCaXPO2Vk2/ea04roPpJSY/g5Y 4PRK9X5DKrU= =780F -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco WebEx Browser Extension Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco WebEx Browser Extension Remote Code Execution Vulnerability Advisory ID: cisco-sa-20170124-webex Revision 1.0 For Public Release 2017 January 22 18:30 UTC (GMT) Last Updated 2017 January 24 18:30 UTC (GMT) +- Summary === A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks. Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex -BEGIN PGP SIGNATURE- iQIVAwUBWIeo6q89gD3EAJB5AQK3ow//aUWUWxVoRUzo9hxvdE0dquUjKAv7/suF XG8uxNPpZ9xfSs988E07Kt6uF5sJu4xl8YaqYWj0L79jxs4o8fUmmzyFInJMZhOd 8swAjuz6ihVTe+Nj6ahcxEoRRbkNYt77YZAg4m8ngM/5r+QSZRSw4nVpOvLqP9Wv KBjbDVhVMjJ+eGBOEJhfCD8fdXWVIe6RvP5jj7RjaCYWl9yrSFsfO1ccysoCInNk aXKbEwRXeVc3CJHqzg0GUXXnJLZ0jQv81bAGaieCt8eFTjbyK3zghHOxhFK+IUJl ol8ARSbrUpBL5/wSodhtHe9+IzUjiYIMnWiJBLrRWHSi4IXuN8PYOG9cTIaFVEGO QIf83/FDVe+Y5WdfvMwQDDOnQFe/X47GllPoiG4aPouuc7XcbbdZZxZm2kjsdhhz 85sh+VX8giL4u2OOqLSDlLuThqwMSt+1jeq7El/mm7LemNI2y69JUORthcQvOBXE JGiaOfJKc/hJIypyWFzB/eaCbv1cdcny6hAtDIXhyW6AgcNBoTYAIyRiowrgtzWB 3z9yAlFklWKqD6x1zHXEPn8HYSl97oaabXG1yq3quEMSufXT9YsAzElYPBLxUs3B B7z9mpLgdp+5/rdnpDla4ToNYYb/21f2WqDRHAS2FKPhvhAEwt8fBFiulWKBXQaz 3Fpq3hxXY4s= =dTTj -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco CloudCenter Orchestrator Docker Engine Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco CloudCenter Orchestrator Docker Engine Privilege Escalation Vulnerability Advisory ID: cisco-sa-20161221-cco Revision 1.0 For Public Release 2016 December 21 16:00 GMT (UTC) +- Summary === A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO) (formely CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. The vulnerability is due to a misconfiguration that causes the Docker Engine management port to be reachable outside of the CloudCenter Orchestrator system. An attacker could exploit this vulnerability by loading Docker containers on the affected system with arbitrary privileges. As a secondary impact this may allow the attacker to gain root privileges on the affected CloudCenter Orchestrator. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161221-cco -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYWooEAAoJEK89gD3EAJB5K9QQAMPU3MTq35Umr6OV4D3c1SZo zknAHNh19knzUB4271mbZmdPhD7xUwDvcnDTsF/+pGWNa3aBpnCZkUvy/pi3h3kQ zZJhFErUUnkSSUoeqvsvclJOYo3C1+DozgOlp1SNDgUYxpH8m4H47gcSns93pMbw Xj/yWzsZ/9/4yw31+C0kcTpTKPW++yCrRHWjd6EAZMl73IoElqamxGQh+dgEt/R/ rvpviptlc6Jyzv21ETDYDbugab8j2VhPRH24fk6uImaKGTgEAj9z2aVDZew2sbZB 49O1BSLlL9RyXv1BRxVltM6y9poEpxbLRij4VtN4iiry1KFcwZWQmZuAlrEDaM94 aj3zXU/G6LHMMF7sOmzXFdxlua+8jwaN06C7iLH1AowDV1XmBJsN9ssBC3VwicZ/ HpqpWK4ixkQi7hrH9m47xo+m+REtWi7gIeC9if9oOXhy8qv9XmwXUWK7n10u0H2E fBhpyQWG/sR2CfCg3WZtwn3l5VhDfvk+ncQfCRSOpmAeEPbbDSmgrshMvRe2Y0sj LlwfHbDxui3VwSG6mNTDl70WDEt9ariDEYwC0jXYZl/Mfq7BmyvvObEKED8o10Jz 1Ya+8trc1WOlR95bPBG4yQ0qHwZXSvJfGtvTrwK+LNTqyeKelhUV6R/d37Eu6w3b 3E1LAh/dENRvzwzazGrr =oj1u -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability Advisory ID: cisco-sa-20161102-cph Revision 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to a particular URL. An exploit could allow the attacker to obtain a valid session identifier for an arbitrary user, which would allow the attacker to perform any actions in Cisco Prime Home for which that user is authorized - including users with administrator privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cph -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWBoUuq89gD3EAJB5AQKpghAAqO51AV155QF6Sj3wfDwQyy5DOCUbnzJT OSkWF9NDsXB9GBEtAD9Vtm9peenvpbuqbT8k1WvDUo3+5NVyRht+u7kUjriEEfat H5DfYqVAqgaSh45rHfl7zjINRa0dWdVFFA0HZOVkMrLjZ7y86DmCED3JDnXeucEF nsbE/m+eMw++Qizgz0KRCedIwSBYwfAtibbr8E4Ch2t2SeDBXcHAXwboc1YgfjOS hopqKwVnb947QcWKAPBtBKWO9L7LAFxSiTMypnR+wVDlmDkUFX6veH3bUDYCSJaX W1/yxfGkMygyfozq5lDBl6KJH6v8uITAvBNr0G4Ffr/hIgoOhj8YcKQYDHvCdY0p lfdmtE43zMgmVn50dPujpkbqwMoARpAKwBvKAXe3EnqR4mgEWg0QpX0Z7kF2Y9XG J1XJyKYcDlS20tkxX7EJ7i85ik673lSI+OJEgoHOtkwyjaZQ/didLQRYzWtooEzS PB07Ln+oUkiT2U0pwLpKeiDMBeCajMQOLbOiih7Y6NbgH9UuHvOr7WNZiGsaeasl GUb9sANXyAp2gEm2dZ2hNdWMTmn3U4K/l2w1fBGtAU5MzpzHWsSwDrznxZzuMScy E6yrGJHs4IF6jNoKPvzdjO7v3FV5QQ6JatbWh8FU+9TkC+rQFQ2ZQSpnA0eys6yt ZddiKw1knKQ= =Dqez -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Meeting Server Session Description Protocol Media Lines Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Meeting Server Session Description Protocol Media Lines Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161102-cms1 Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software performs incomplete input validation of the size of media lines in session descriptions. An attacker could exploit this vulnerability by sending crafted packets to the SDP parser on an affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on an affected system, which could allow the attacker to execute arbitrary code on the system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms1 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJYGeeeAAoJEK89gD3EAJB5ONgP/RUQTYCV+EW2SbXMFCghUH0m f6SrzmX3BJYe1ToFWf+QltKKHuS+iWr/R81fQ7tlBqDb8qpVIvhqM4HPirvKNl0w fwrkwu32FCDQNv6zeZuMeT9u0IooLzT6gEUDtxzhcy7iimhF6MmqdfyBSyYVVHrx N2N3Ru7ngMtgFLXdOGmL4AVT58LCy35WmxZXN1pel5VklKKnLhpXAnIyWovHDMJa srl9Hk7bgtP9Z8c+jhsAuQO6PdzZJXPo831TYQXx6gbzg5ESewfbcFSZpo35YVMZ BWEJ37NiYPXF9aMgu7t0+DwzSJr3ws9GQb58/R79m2vVTsLCAdbPtr7caHZ0yYEV Rc5zutMlNgMz1qR4fhwPefEIEktghmy9TmlrK6p7CLzXI0Xfa0jHYSUr12OT9qHo wLym7jGsC8NksH0rKEGFCKK3vQpflasW74BoJ1gwl046JbCQIQIc9U/ofcJZspKe KCbkpic0kAozMEms7tEprq3nOb34tPgWa0Ie1rXoDWu6ioXgjlMQusznO35MPIJ7 EfcmFV+Z8NK6cxG5G+aKwWl8xnWRii5/bXfEFnCx5ICcMD1KOP651rcCHpTDLs+m 5yYjwOOxrnHVveldIon6Ryp+1j0hkTZkbBPcRCN7kgNPioAC6GNWjFvj0hYxCbz9 8FFZPoHfD+E5+Bvcjz2r =69Jd -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability Advisory ID: cisco-sa-20161102-cms Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the software does not perform sufficient boundary checks on user-supplied data. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted IPv6 input to the vulnerable function. A successful exploit could result in an exploitable buffer underflow condition. An attacker could leverage this buffer underflow condition to incorrectly allocate memory and cause a reload of the device or execute arbitrary code with the privileges of the affected application. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJYGeeYAAoJEK89gD3EAJB5YUIP/19rgJYyhtMGclvuJki2GnmF 9Wr6KsfgTHZI2uxWOrd2GL8kLt3a8roEeLxY6T7d3aL4J3e5oKTf/eAETuaHsXnA NG1RknOcOn9P0iAY8Hr5UjMfZcIU27EfnnACqclecXbNiH1NWD6WPH6r058041Ib OXW0uTsBWNnhgFTDPuks6rCKBibbKiBYJWi6hFqqhfl7dabh7e4sqIZrR1PYZ1Jb RjfPd5NhD2ksUAeRxuwHD4hGRLQZS5Il+DdpbJ2N7JzhpaMMv6EfevqhImPCe1FM 4C/sjBNbBSYlzwdoVSDwoPLTOS8NJWPK39WC7JB9Jv5JetnV40t0gCvy1AYnVedF AoKnnkaDlsCN/lzW+js5YuKvOV1hRe+r/631TV3VWuC7SHDJCoF4tD8s/ZBugE6k 8xkN23AlsCtgP/5GNUSH4wBOXaidRTPKK5YjT0hsIqV29TYjx5Sn3BKsjIrVqB6O sJDPcxe1p/IbNL0ZRiTnsiPcrZM5uvFigyzSWixT87rfFQV4cawN6VRmjZNxZgCA NEsqCJbXRANreYD840FWleLaw8VCChU2qms3lz4k8GrLuBzZg1o+2IXd923YtCOZ qKp5szHDoPhrxLMZRL7aC9rajPv7uqQQrNOO1FMC8RRu13uriQl2oOzx7WkhZTnG 16o5lSdBYGKg9HouNE3i =m8l2 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161102-tl1 Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks on input data. An attacker could exploit this vulnerability by sending a malicious request to the TL1 port, which could cause the device to reload. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tl1 -BEGIN PGP SIGNATURE- iQIVAwUBWBlmqq89gD3EAJB5AQIECBAAg/G8Bb3ELSIv8KeppZZNvnNuZu5+JXSS TzFdDS2jpr9gC93a2+lkuSzQd4JGRf52u2LGrGSlAE8nf9KQOootz297+N55211t huxuaE04Xn+Wnqi+HMhAN7i/fAqPXvy1MGdwuDs2j7SjuoKXOBpIjyPVbAflI8zx jX6TTV/qBH8FYhozONXSAtxC5l3KT2IkCyu8Wt+fsCmQgnWEBR5lnKVmWOyX7+sm +/H2mvrd+C8qJnNmIvizDIMSIMRLZXCRodyTGYcQqmO9Swaiu5ucIHcPe6oVSJvh 68SmLD0W2YAxuXkgX7Pr+hJh4/oN22jRNJkrYWO6Niy9mNEyJljp3eGWKMpbKXK7 Qe3DHZ5ILjLD7hzoUTZYIBhHkQvmJbAbXMuuIrGDxKnIqS/1G5q2nCoC99Qb66IA +mOoY/eehJUOFyyfX56NtQuXA5NLrseHWVyGtecLzB55nxqQ+bpvdkYDjV/7fUPc M+jgtTO1AhNkqT36Sqr8x0R152L+j6LxBbhT7DGPWjywmleHBGjqRSqC6nfRV8oz joTb5MScXvUqM/oyAO5F60A0eHjY2Y32B/ABe+GfHqtnFFiyUdofWgtpH6QPETbO QTg5inydNDrqppAA+T5JG3LZJpSn7PuIJ60HWFSirmgAgpHXhe7yCi2+X+6y9Fp/ S0Sdoo9MXGA= =leRx -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Corrupted Attachment Fields Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Email Security Appliance Corrupted Attachment Fields Denial of Service Vulnerability Advisory ID: cisco-sa-20161026-esa3 Revision 1.0 For Public Release 2016 October 26 16:00 UTC (GMT) +- Summary === A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. The vulnerability is due to improper input validation of email attachments that have corrupted fields. An attacker could exploit this vulnerability by sending a crafted email message, which has an attachment with corrupted fields, through an affected device. When the affected software filters the attachment, the filtering process could crash and restart, resulting in a DoS condition. After the filtering process restarts, the software resumes filtering for the same attachment, causing the filtering process to crash and restart again. A successful exploit could allow the attacker to cause a repeated DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAedua89gD3EAJB5AQIOlBAA2+nYWHtIoo6idYeCYFiXYxlpVwtDWIjU 7wEleNwd564UN+IY6jTCY+3eW0zPnA0vrk10iwQm7xVy3WTVfqTU/m1TS3fOgSzI X+stWrOXeU3tWehVfZkBKF5UbSEe8CNU7vAzminsy5dq5hfTHTx/oSXWuB4wV2Be HMO8IxJRFPV7DO2xz3FkqEf360vTUIoRiP7CGmwZ6+CEp4Lm/LDE3/oVuaHoaj/Q XrikOqRa4gabGszQ1mSUH+cgqgFRb/MLQaL8AcKd8VYnj8nRIpqAN7W1FvsoXvcZ O0GreEL9EoBICWXsCuEa/lBGxqPHn9PwRReQu+0RnDzsTXK3Js0vcO77lLmydFb6 6/7ykkJDK7XlldYBBNzc2CvgBVa8/LEsB5xPWV1UplaAxB/dFU4S9JI5Y3AioKJ+ xUD9P68OYTjOguLGvAcCPkLOqKGuchPPYu19QEnMeP5SDA84ooYP+l24OQa5HV6L hQbxgdXi6NMs50r2SpfpbSrk7pTYW/wUT++uKLl619r1G8EIJJqTdl3PtFvoAoxz dyLw/hPfyTGHE2ZV0CIlzgBykFUkNp8RhtO1UDPT9Z4Dqod44oLiGroqaul4V77/ zcHvOT4yLWDhwiKm3Dv5my5NvV4+Tc24bBwVj9S8Y/7lxGM/BQJF97AfN7UrH9mA kLEPJFLPx0k= =yYBs -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability Advisory ID: cisco-sa-20161026-esa2 Revision 1.0 For Public Release 2016 October 26 16:00 UTC (GMT) +- Summary === A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. The vulnerability is due to improper handling of UU-encoded files that are attached to an email message. An attacker could exploit this vulnerability by sending a crafted email message with a UU-encoded file attachment through an affected device. The scanning of the attachment could cause the mail handling process of the affected software to restart, resulting in a DoS condition. After the mail handling process restarts, the software resumes scanning for the same attachment, which could cause the mail handling process to restart again. A successful exploit could allow the attacker to cause a repeated DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAef8K89gD3EAJB5AQJmjhAArJx4+FUbQwa+YUwSBBgQN3NWEAXD0VdZ 5gl9ig/7Y5AST/OrhAfhTVL94/8O/0FECeXqlmRc9qrAJ6ouR3GcvIhd0kOYTmeR Pxj+v0XyBJlp1qzvgy97jM+hSXoT/8MPcdAzVBlTtI2pFOnkgAPWGuKr/nbR7AkD gRns2NRPlXTZnyo5LpxXR/JLo0+RpTOFPpuZNZYSLf0uOVimfrR+OLssCnzIZFdu 8P2k3XMU7oa6QA/EIruayFqBOaIWjjLvcyNPPehUU3Ye3g1tR86qU6Ik/E4VTSDB ufxg/GtbafCkYqa6TEeWWQRyNUUDzo8rKjFz+HY5yuKEaT6IH9dpPndj8N/LQO93 R58OABHlpQdlDynSPSInMzK+PkEX3R8+HmViVmcVKYmm847uExkcYJljKoPEE6iB b90VJ4Ey8KThCKNCNDF5c27cv5Yl8RnhZBCl2glVY0jNoBsAPO8xHwxd+MZBCspx YldjHeBNZpWGx0ZN8OX/qY33nEC9DOKdGshmYt8xA+BIhlAfGeHGNZft9U4cXdYm /ZwTNc8e3ujzaR/o9T+G9LngBWKyMJ6JP9ydhnsh3kZJN3BH8ZdoxS3YUd3asdpB 9PTgpMqd4fk3W8KIQthmi3Mm7grihw/Bz+PKfFxQNvPW6KIcAqS/A0m0sminPHXK K7VNsuZha80= =wtS3 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability Advisory ID: cisco-sa-20161026-esa1 Revision 1.0 For Public Release 2016 October 26 16:00 UTC (GMT) +- Summary === A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the message filtering feature of the affected software does not properly validate compressed message attachments that contain malformed Design (DGN) files. An attacker could exploit this vulnerability by sending a crafted email message, which has a compressed attachment containing a malformed DGN file, through an affected device. While the affected software filters the attachment, memory could be consumed at a high rate and ultimately exhausted, causing the filtering process to restart and resulting in a DoS condition. After the filtering process restarts, the software resumes filtering for the same attachment, causing the filtering process to exhaust memory and restart again. A successful exploit of this vulnerability could allow the attacker to cause a repeated DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAedja89gD3EAJB5AQLHvhAAuBm7hZs40pBvZZwyhtcSiEf1BhfTthrr AcUK3IegobD3q0HkaT5HEHgFBZ9VaqlISG6dEQLM5aK94bC0pCUtbT7UzCYqqAVO j2jx7cWfUF5AXFKI8UKlACX95RuQYYbBhIE0vxmur3MqlYm30jriUvNKEu1YJ2UA 3ZUiioNh2+Fb+tT0rWHg6DGU7MGdzEglw+uxC3YuLp2s8xpvV7mnQXhGlsDz5Ycu sH6qcL16AGIza4yjLuJPOjqOL0P9C5mpMLOxeZi0CR5G7csXHCWY7j5UvwQfHPhj TKV73WhE0cUWXAQOcwM4xFycaN2BWDBRp13ovhy3nn/vDVtzFRjgMTLr3PKhueOW Pt0WpWbhSnGu/RbAKXSSyCnyzqYluF8XNx7c22ztUhLSRuKikB91eNoOuB6MPnbE upD99gYGUtlPwwrduFpqUdAtrOcVbLjHHUD9Z+fMCbYQAqIIWIOiHwuWN+asYS2g /m4ZjZYfR3AqjQRhup14LZzwgT0PawmIpZ+HTRME7/BmDXuwZPbdYf3PKaZ0yiZ4 RaXD8AAyWC9m9ZZZ12G4ImtFSfpy7HLPUZhd6wWrFYnt4gt+xSM+71u6eJIlQnut kriQ5+rx5BasvK9aqfwYDIqRc/uy4mn+1S/QzKwZ80DlW7R5VgG6k66XyK8gWcH5 XLt5g0sfqAE= =watm -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability Advisory ID: cisco-sa-20161026-ipics Revision: 1.0 For Public Release 2016 October 26 16:00 GMT +- Summary === A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYEKgeAAoJEK89gD3EAJB5kCkQAMBJBOUJKaTtf3g9NlubllRm aoZVVdjNFTzVtWtgpcp3uXTIojTL2gJl56bLANEqdkzRCWlGPvEWCIwXCgHqDnal crG4NcImv1P5UUeUVtsxSqOM9eIvaE+xwEDb19qCPFguWdDX91q6tyTxcWbrJOjz KtzHOoVEqlfqJyFZ1HpbVbdLhzvo33M88X9L8YBl8syravWmGWuu5AsuUBgqOgvA UW294RVd8LSVkrJwvD8rcOUmUSkKJ0RopqoRO/+YTK4DLd2EF63pXfPV1Gp4+J6u Kq66Dv/Fq5D/7WneSAeiCbQ9eTVlpAE0Y3gucZB0/2juEoXLXqMMasgNtIs5Z4MK AJvnN3TdocofxykwFgxi7ta3QzqIfzW8tlF+J9f1BxPmh/yItOgYacIpaDj7Hmdb M3SsoVIP0uGWyrBZa9YySRGCbUbGaTn5wXiBFu5tRoesvQ0Wk81Im3JWSrGMq1uK 1ae+LMMTYH1wgnPhIm5jRsTnUQ0p3BYgKsU8L+aTbvDRdWKGCYLQue9JxmqKKb7C mVW/BG/wC5FGg7oaMrF1uU3mNIR4WU4B46qFpWj58dJe3+IOmcniIVBoWSZTC6AF P6nqGxHwg5ATvxPBrNR8KYYjiGLcdtSlN/kBgPXK3qPI0elF8vHRqyUL4gzxJt4D IJsTFgSztk8B9FlbSdnu =o3dI -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161019-asa-idfw Revision: 1.0 For Public Release 2016 October 19 16:00 GMT +- Summary === A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAeXoK89gD3EAJB5AQIM7xAAtE36fCsdw/YaV7kg5vvMiKKs3fkhJP9M 50LT5WmbzGWI/61a3Btml8Sge2v8ENiiCQRAPchEHoatnvhttNhbJKjOLvmwme32 urq9OC0VXkTDXvEzQUEbUgHNVJgIx0mDPEbrqmxtqIOKGR0b6FqqAjz0TblRVj+T vUhkfsotnwl5/56gxzVgn+9OHcFHldeKINN/Z3dPKkV7Oz1451US0QtAx3vpdbqT hL+sMS0HYI2z4k+GwMNN++0IydVfzd3gOIduXh3grJVB2oF+TzUUUfet5lVMhXaw LuoNcyqA+33C2B1PX4JPvEREARmej+nyRL0csuStNMWZfNrnim60I+1BzvOavPSF q1diCQbWFwCwOGKPbGGicnLSXcovpp7+hd6sMbU6hiJNd8MDFprZRQuo9KziMYVf vUwJjZZbGu9HSV6AXsSebC8Fg5gTN5MrnvuNmo5WXzCDEeCr1hGSGnLmbEAFp01t oklp2lkPYq2l3kYdhJuVcMIYZpy2uvwPh7EHZQf1DUSajn8sA3LzuiaKFmdkttc9 f+j6jGjpmyA11Si4ZSGLo77+F8HO0VCrkwkr/Dxd84vSv/ES4xXr09saUV7N8As/ wvxWUhqwMl5XyS+Apb3hhnKZ/FlKL5KgKZ6shZMMy0hlqJRXYbfrR/H3ZgyppVpP i6tdApTzCbg= =qYCF -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability Advisory ID: cisco-sa-20161019-fpsnort Revision 1.0 For Public Release 2016 October 19 16:00 UTC (GMT) +- Summary === A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV/5H0a89gD3EAJB5AQK4Fg//cVlNIwP+3veCAVii9Xt7fklj6O6KrRik pmQGiAAAVSaEoQ3XiNtmx52q1lMrOhrGOIVgdY8Uu/T2ofb+ah3Fzrcyk67XjjmM 6LckmT1gRHCU4qehWbxdpW8eSJsjkp7bSHNbQQmxeuZVqr1bpQxQI0CJe2JVE1fO jmVlBmhQ9Kb5JQPkM5JalK5/7d9RgrCZByxX80YfFHigPRwFp+7blHt8tzIzKZUa 8m4f5f5Gtj3U2Ox39AYmKQIeWgpqmaxz3TTWh7hZhdRL3E9MA+tPzMllgm4JKvqn CA334kPlwrLZkTH6FNlNNvGlkxb8H8kZJ4jinp73oIB35ILYFKj8PbhyEBUDzV/1 7mv3KuwOzmJ9Yr9ZoXYs3rJxduPTLfXMiUgWKBsYQp+tQ/yS4+o3Uo/44cNn/kzU hx9UjoyV4WGzq2t/tFtbaEzWYMI6yhB/D4dDfixAz7bHC+kksvlzBCFgJfmthXwk ncNrnhjKlqT/f8YrRT4U6Qw1V1QelpbC2N8Zgs2Bin5ZKxoQ0uqWhYYvJIOvPGSQ 1XAkq/xCWelcTyPhZwyKlQxFgXH7/vXy8NQkmAw338/xqgWD5CtUqXsuypYDpxVc /RX1rjOHTsPrcHpBubXUOt3uokHF5f4XbE4ZAn/vzZM4wtHzo0v1PjfwkaHM/y8j 5G+18M5ADlQ= =H5oS -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Meeting Server Client Authentication Bypass Vulnerability Advisory ID: cisco-sa-20161012-msc Revision 1.0 For Public Release 2016 October 12 16:00 UTC (GMT) Last Updated 2016 October 12 16:00 UTC (GMT) +- Summary === A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability in some environments are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc -BEGIN PGP SIGNATURE- iQIVAwUBV/5T1K89gD3EAJB5AQJXixAAya7sQ4U4yX6jUyZlGvudqvto/qHd4gj5 1KCqLAs6zo1xQ2FckY5ZcSRCmih3ePR3gn7MMa3hvyaPRrBqqIsStRcsbxgWKK4o b3z82O3Ff/texUaVCGcPjOlW3Dyji0YNblq5WaNqoNyTDxHRsoF0q9ZfRCPQ7px7 ixH7sjlSnR7M5y8Xvx0ZHPrgD3dh0UFdBsywM8wWKAwMRMgnOK3R8TlbmvRNwEQu JOjdiIjgiZ0f0mF4aqUNwSzkBbSBEZJ9PbHDWBfxcFnUu06Bja+wRIqIP+iaUFUB RFZukZ19hPjbuIb3qeKOjpbvOBWdt6w+LGmaVLAvQGooFg3at/LhCfPjjKkPZxfy E2kD2YjkI1iKbVU79qGmZZXydUp36Ec3uLQVKZJV0vYyg1Frrgh1NXBnQjjCJq1+ +yA3PB2REapoVF+GJ8S5Rce/xYuIh1BG5WMHDGtGKig01e34nvVKHaDVxUmvF/bu Ldd3WyjJqd0hueeVeAMnogph4Yk9Q0g4WugNKex8gmiYnA6RVe/j6W8MUWLi2vb6 4wep9961nqk16hOeNhNGO9CU5NXNj2hPEMBwgcsA7RJDMLEQpuEmBpuBzxl17vya vEdt/RQzKTho23POnsSpyucQ5TbXsiqtHxzN2lke9UH0zNKOLJXo+y0b/EElWSAC AnmG++lEvcw= =Y8pC -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161005-otv Revision 1.0 For Public Release 2016 October 5 16:00 UTC (GMT) +- Summary === A vulnerability in the Overlay Transport Virtualization (OTV) Generic Router Encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the OTV related process on the affected device. Cisco has released software updates that address this vulnerability. A workaround to mitigate this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV/Jmd689gD3EAJB5AQJKfxAAgQHHRNd10fAZT/Nv9Nd3OarYWZjt9QnE c3Q5KPGZ8yBsoBDp9vGNq3Zu1XRLz9TZJk/2hqs3AOGLsONeyJ+wcce01/zYwdxv wjgXc/qs/fT4uDFSjguCq4alBDJoxA+MCDH9ZYJ1XdykCVoZprcJQFbiRuSkKJJB 0pS1RsmiJ1KXbOpG7oCU/7ptb6gVAMVieTZW530Feu/WXssLA4I8wprNfhdMzW5Q 15KqH+pOZSr831rjBQahnudBB1u5smw/fWWgtRZxo6x3OSbS2drqGaRbNg6qPtl7 m8zdl2Rd++FYEwKm61Xwm7t8x2m2Yh/aHRRGL5bTcit1xFETiadL73hiD2wFoYdR XEIFnYn+7tkIOhq2cS89O+00CYipFTwBBsMpibURVP56nY3xUaiv4AL72bxed0ys afJ1ZctMSLOQRrcjbmzRWFyCjZEjg03SrPOCsCmQRRkl0MPeGCJ/e7gkhE7aYN+B E1dsASbbLHyH0zwkOGMxoDiPHf1UPiSpXN9JpdAZlk6iF5sD4POXhmAtYgyyQIDt 6mZn6hW7HH38hTErrze1rN1IIQiO/qDjowkQuSi5G3SsT3uAGn4Rtz6oZTHzLuYq LT/vX3BK/0WbKII0Zz/Vw4QY1vhx32rgdGzez0H/OKMKMICsi8IvuqXGeOZZC++B CoZE5dSl+VI= =P29o -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-bgp Revision 1.0 For Public Release 2016 October 5 16:00 UTC (GMT) +- Summary === A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer, or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. If all BGP peers to the NX-OS Software are Cisco IOS, IOS-XE, or IOS-XR devices and those devices are not configured for Cisco Multicast VPN (MVPN) interautonomous system support, this vulnerability cannot be remotely exploited. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV/JmXq89gD3EAJB5AQLJww/9FYyD6RKmaLKRJHLCSs594In2H0xpguNI WJS99FG1u6sffRLuM9lI+H38Q/cNotU3Z1Zd67goXppd+gLiSi1hxoEJkk0ogb35 mttvlDNkEwP/0P9O5dfLZTebdZHE+udmp6+K1O7S1y3yTYWb758Ncoy+WDflcnkq 7ecvygPmQH2FZWcG+j5/zJJ7VSUbcqd0lpf+kqvzBpcxSfdXMeDaAd++oSycmzS4 VuBQosYsd5Ee+5tpA60WxBKVl6wMB29xq49x6YH/CRmA8EjTg5pzxYaoEvaTaQR5 lwGot9WYbqZpwqEZthipOR/tY5ADsC25N923Wr3f1yq2X8w5hyL9rVtXpCO38Dci +1CdgDS5wHRxA5HmcD4kUIX50hAXShXarT14qj9lc+eOKL1Ge61txg76EAxDmsCp qa/IfbdQYPWN+STfG5PO1h3rc0zLQRWQ9Y0ogyJ6wA9fGBMnBmY/mQFFuzJZXQ/b VIs/U0zs/BrHN0HQNrVYGJ02kZrYq7j+HmBeYK2RwEH9MkQ3w+BphmYhoy+nBx41 F5l53CI7hdaVTMcP1M+pb9g2P3NoVC1JfI9aKwGc46UEMh8ZFgFRcacnowtTdWbF KWlJ1yFmoPycxo8OwAtzPyA61LDbK9MRAttaeAwp+d5bIBope/q4StMb3bYIML4d tfn+bcAL/SA= =rEVW -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-dhcp2 Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5MVEP/3Vx+EYmJR06nN7u3bJ09QcL rCM8WkIN1l65nJOsefcneDlPoLDnob31KznL81u7gXtXuOptUD2sT0TsDePwKatT otvhVQEu10tzOmDwStDjhNO6q5fsrExFMrdD/GwU8ZSWUlffWfMT22Ov4o31qck1 rMtE5Qs7G9oaSVNA+CkXcQijdhnkgBs3C51CumSHB1R7HkZcNJdPU7bOlU5lgb9p 1kzg60E4owVThLiGoG9CwBYoW9EhhkiUQCDiPui/cyp2SFuUeGdcz+hpX48Uf/0+ /2t2cqmibN44Yo/1NJytmEam4HhjF+rpPZBO2R/1/Woggh5id8FAGFmg2prcyM8Q 4/o9PZHFI61UrXAFIHyvEJGdrU5hCrGHaoOZMoY+TwCdmw+bvvYjGu1uSzK6An0L PDzJkLVSwogr16dECgESt3BEA819it9r9M87c+oRp020aniWZnne39xuXnCA6oN1 3+183bnFKYpgdYrlDLNICOi2MdWsEAjxPFMI/zkHlQtqus4vkuWtSPkiC6+AlGeZ 9z8YEbpjFhfZjlhqnXd9jLNQLAxFGAGOcz3vndjNsIwLQmaN67+EIbtt30lxJ0Bq JmtrsojSOx6VsH9JigAOxznLzF//R4reNopiVZqwvIAHpbE3CXjSmmp5601QPVK7 nsoocohg8L6C9yNvdQSU =jkG4 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-dhcp1 Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5aJAP/iqU3jgnj8/ZfH9bDtTZzo/J lgymui54AgbK11rUmqDyzsPctHTzb/RONGNvozEMT29MgTw/5YKXGdEEdJpEcTRB n0btkc/5HJM0kS0wICLCQgwNdlmj+ERYuNIV8q9VwyPOSKoNQy/kKt4QRyzc2lbI E8nnrEyZZHYtt/eP7Ltgpy2YnXsP+ejzc8jPTYQXJiPById/mOINSjo+iw5Pr6O1 0L2De/WsiDHsWyBnOlljktupLWwxwVSNIYGO6nibMc7R878oB7MQs5/OymQq1CGH b2ed5nROf5QtFdo+pgRCjXw/87j40BNr1IKcCd7U9fzvzIGxF5JxDQ8lyzEJ5N/5 DOOlfa0CtQ4qwaP6lwOsO1mNrUjcNCDugmICucNo01VGyAReMLy+4vQBmD9AkByU cq51vQXe5C3PyU4quaDK15Ix1DM5Q3FJKRyaJ+6ScA0I27L9BSel7XamI9+IrD3N S9VKpjcZvXSauwfyQlnKilBNiQxbzQpt6a8UcX/EOx/sEu+G+fa64gPRcdi6nTKQ RTj+iqttSRJujQqYWVB1/5xK/VhNu3T8J7KssmS/gFXxmpCGebZLNT9ooiQQk2UY a6gaFcsNladvhr4Y8nltV+jLpCal9vD8og7B6dd0EU8XMvUxTTftP/xJANNghCa4 ks2Moj0fJ6Nfk7DYr8GW =uwR9 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability Advisory ID: cisco-sa-20161005-nxaaa Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affected device during the negotiation of an SSH connection. An attacker could exploit this vulnerability by authenticating to an affected device and passing a malicious value as part of the login procedure. A successful exploit could allow an attacker to bypass AAA restrictions and execute commands on the device command-line interface (CLI) that should be restricted to a different privileged user role. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB50dgQAIrB5QpyIh8qhoZ2M5E5tHaU 8kp4One/3FfMzgACfWpMGR51Cwuz6janS3CvjsXdVv5G6NNlUmQr2DTq1/WOy18+ ZLPdrDUo9CCwOxCm8Xg4dWIud6KbioaVMTNdC5Ut7OvgkjxWkjkBZ2ZqELai5G9G eZQ13hvNmUvNt0FH2Cd+fN+jyVv2Q4YYtPrwQ5028vSn/eESfxXi1/NZq5v/Qw9c YYEonqDugjCEj0i3YfQU7gfSsOzSdZ3BG8l3LAFr4Ciw7yETDdm18oSUWM/D/1gf O7bqpoEZ6lxBNEumfSJG/HHVMqVvYrORjmy4pSbtHq7gVCigqNCv7Bh9LaWnoy5g E2bunRgPR1dtp+9a9mSFdrhyNYI04Eg7HcIcLSaDtdAHJVTNPJzFIZLF11qGpuQv Fmy+F14rftAt6jOmuuBbYKh01bK+nfVSMATy4oLh8eCoxjwzHigbYG9gz3Ma9xEg JZn4EytMq7PHeU8rlUS6BaeG4/SZJ5y9giXRmwFkkKtdXRWIIK54KZalYvgjz8GG /5NqnoVJvL2ehr/c1E8c4x0XKKwkCd+6MwzXXfR3rgyXa35wLl7vbM0jI+RfJybS Qiw8wDZ44v05TP91vxz6q/bh0KBUo+A0PmU9GDqQoJ5xAEUeYl5K+ugWGKAauDKR WgrVbP4KcUSdQAj1zgZ0 =NOCy -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability Advisory ID: cisco-sa-20160928-smi Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to leak memory and eventually reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling Smart Install functionality on the affected device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB5z5cP/jN0FAtH3nzkV5QMMWX42dEB 2kA0Bb2OkL6FUW6zp2mRsGKM8UwpKAOgctHYp0SLpIxQC3SJWCaavIqlYQ3noket 4NEaB+P5wAABkq4m0pxa+NorF6x5VbA2yU4LB7kgofg6Izxso7QtjogPUy5r44Cp oDV1CGC+oTjfizg2pF0Bj3vxfwv5hz2ZCUWq01fs8OF6N4lVs18deskLtLvEOPo7 1IwyIwJEUuxvR2XjRWbTgTt2HKmdgGSpbw9TVaYcBoMCFr/k1uhvgA3b8KyH2az/ y4Ao6EmgvI2SalJlTpmTPAeNDjSmSbnatq2nA8IOFjSn70OBtMcSPUfbzSZ5wLlw HnFAkYuBNkzkMsj4+gu5jayQcUVvcxdL5Zco0hGaAYgjUihh0PHfYGBsEkInvdE/ 5X4axai/MH/zLDrO7YHwvIPVXjmDra+evSxhl7FTxhIFR22GdJ9VsZE2JdvNuXU/ ddiqF7htiTMzT2GF+zLAL8aQdjnw3Ft/F65U1VR8/Rdxsc5kn8fyKLxmjPiPuyYK VcoGq2sC5foOBdKXi6k7oaOoYTgiSyTxah5s70GZwirLGfL+6vDVMdaSqljX4ot4 IuhX9fAi0gaMXpGEFEf7SAF4y91Skr2DQWxMWhNkdJ6WFPVXU2aE+G3Y3urjPR/O cqKVSps53RqSlRhixPBF =DfQ0 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities Advisory ID: cisco-sa-20160928-msdp Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol (MSDP) and IPv6 Protocol Independent Multicast (PIM). The first vulnerability (Cisco bug ID CSCud36767) is due to insufficient checking of MSDP Source-Active (SA) messages received from a configured MSDP peer. An attacker who can send traffic to the IPv4 address of a device could exploit this vulnerability by sending a packet designed to trigger the issue to the affected device. A successful exploit could cause the affected device to restart. The second vulnerability (Cisco bug ID CSCuy16399) is due to insufficient checking of packets encapsulated in a PIM register message. An attacker who can send a malformed IPv6 PIM register packet to a PIM rendezvous point (RP) could exploit the vulnerability. A successful exploit could cause the affected device to restart. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB561YQAJOjzfSJejNp1gjlewhIWplx q16B1gGQVWYLquXpaVrvVvelMZ7pk3JD0zrH2MVh1s/TUNEqtm7oJutt+KWAqoNU Z7m0+uo/wE8S8AOmZXR1tu9KY+z8sFQp7Te1UetXA+S1F6pz0vy9OhkuwTcZNj/M SEr30EodtSLpQMC/MktE5gnTB8Bw6hSNYdDg9Q9gLpL9tc8466rSCJ0iM0L+wEYD 7eno/yufeV6KpuabR1tCSVgvEdU/Z5SSWspbaRQbFdgnQyN+Kux7sZ5b4rkhGd0G SW0GjTkD03ITVlwoiVhIdI0VwA6A8MVgfKRTEqWeNGvwQOOrPUsI5t1u/OW2quqe oCihEzcVIthTpz1GiKoetpC3mtzxvn3kPRrCNZ4ah4AygUSMGvq4hmwxFvX81i9s iFecwbSszNLHeEFhyOt8yaPiYpB5w4wmSYGztr4KVWs4pPWKVgrMhpqwqDd4nzmI 5g4sh/AJdQysHznUe5DAFCfPDulJkylZN4MgVQ+pd1RYWvrjTrg5EeRfVhAryiWh F5mTAGLuESO8QIsk/Vyk2bDcw/sfBcwcbGY6yb+7a7E7KMCllqLzJhI+XncbEyxk xaJYIbWbofJ46hWqGTz6RHDMjeWUdojruymZmvR+a20cHHT+qCAA5Air7JTlatr9 Oj07cuVQbR2OI4RUrH+p =fO6P -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-ipdr Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the IP Detail Record (IPDR) code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper handling of IPDR packets. An attacker could exploit this vulnerability by sending crafted IPDR packets to an affected system. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB5cTAQANacywd8Tm+umYNn6ThhV79U zon3EGAw0Ip0P7yivkLEbcreVBnzKYNPfI4MFcx8LoPjRIrdQ9zz5BaaMHQ0iuwE 48INPpKt770/Ch09xeJ3VFoMYis4KuTt1LxxFF0GmotIMb2j0tWptgTaKgzRbZkS ucskkvlzpzCGXULeYM5WbumoLG8r/shZq9YqhvTHeiunf346t76ouAxoJhM81EdA yyT8PDDrU7fpJt5yOUkQ/fqWW9jERoQMHOjSs2rtdQKNhERsm4jR0IWgkAz8GVAq eOAusgNBGrghvGpKDyskuBHewxwRO6VxY9YOnZIr8z3cimsuzd94qQ1iRxNpHXPP t5kWlj3Rf2zz0ygTV7Ed7mTRBgzBdVA9gtvbDLGAg4d9MCU/axSeS95iHRRzxOeQ Q3gjb1+uGW1yiNaf9QQ0X3OzPiqF3VLBeuhXXFAXRpMuPMRwCP14ZeIr6QtbvPj2 aiJUKDpRU9qewl4e508a2YR4Z5MWQERqpa4uFDHkgmT0QSYQVZjeFWI0AlBDFGkd VmNpqZsleXkrJQIGCo6On+Y5f7XAHPiii6LtWIFD46mMLtqGfkxnFduIR+b149e1 +ZxjmBRtLnyd1azIy6NRAwn+5pACLI4Zc4HsNmxuDZVxjEiH+TzR8IZ7xkfu8d1f MRHUGwKUgzfjgDJhIh8B =Ajyx -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-ios-ikev1 Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. The vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1 This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB56nIP/3nkibZCUPqC2Aki8HhkABUi CsKrKk/a/eG1Y+4yGM2pFIfUwVXUX8cjIus14c418CxuePCNZf/u8WcNcKnd+QNa WahXGn2krIlas7g8kJP8Pvk8nVyxYF10nR8MPQDjCyGXmuAbRdkuPUjEopDkMr4R xabgu/jL7M+ZEfnwbGZRhq3jMBiHxKhOSZO3qDZYKOMB3KALQBPL4GiRGO1eHrzs F6ZE6/l4d5GvtiSeD8WJ1A8oY3gSo6qD7VZcnDq3ZvHN2Elnc9WRs28CN70eh+xz VQDN7+Vm2GqvRgRSGtypk7vLmaeUnZEXQ5jpJHQFgTnp7n4elVH4dC2DmF1bYd/m M220xbScBKvVjjUihQechgTsINwkBbARAnuTlN+IL/2FQqF+XEmSMLzEgvTMD/gn aNk48i8Vx2nAPd8lzi5Ab2mvX14ss/tonnz6behCd5uqKU0UZ18bUEqc2haYAAM4 iWiE4K4SqorOHZwcpWSsJ7Vs72wmXRYnxzD2A2meTskyLQo5cJP6eqkK7Tadqf18 ao3Ao4hdVbkRVEMnhG9N1oVB5X9GAIsUMfeWEA/nKuomLLO37NgDEc8Rg278W6og SH75yARDeViyDQg7+AlZnlJlB82+ORgMlsJFBUD3hKhCQYX4Ou3GU5BccPxY4KAQ oWNuau9ap2FXdMVrW4gl =Ku7Q -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-h323 Revison: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the H.323 subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to properly validate certain fields in an H.323 protocol suite message. When processing the malicious message, the affected device may attempt to access an invalid memory region, resulting in a crash. An attacker who can submit an H.323 packet designed to trigger the vulnerability could cause the affected device to crash and restart. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323 This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIbBAEBCAAGBQJX6vstAAoJEK89gD3EAJB5IScP91+OWtoWaofXBhyamAupeKvx AFBO7CWNyj9HR+6mJbEBrPHoYuWgTpFIG/DKLRSG0Pc82hBV5+XcRZhFhehbI+FK qSvKkqpw2tjvnYQqT073UsZkfKXzkQrBYObwXjrSHWauonQFBZmZQTl05L9fxLtZ VkeFgrcMRSTWdVFs3NRvSdivZbCe0j4iYkWOW5pdgI6xTWoItgKxBOG/yVB6MNDN 5rwYlbCand/k8zQde58Jyuy+7RXH8p/w5xOxv0g7wjJJw5I/nKTiOdPgSr+5iBmT J10+jw0JuE0jQW58XeaTDYBAUIF/YXLY+1mB+0i2CTGgZ/ZRKOutd1a7yCRT7gx9 LMQgkKXVZq4DiGx4Xo2BgblyWDluRW4yniEMGe/GyMlkYGVtlTpAavVcp91X+b9+ VolKqUuSCq6Dee5zIT6rF+K8YOK2p5b6s+gfybpkx372UKM6kJYFtlvHR6YKVl/x TS/iGcc+2+qx4GcwUkRAsJCdUyOliKndwUQkDA6qlRLrCyK1ExlN66NJ3G/ZqBlJ ynacQ1H1HWp0EFZSUOd51RqDNOWzYYo3GORC77x1sP0gbCYQZ9uXY1orR7v+F+Mi mv7Z1NGbG64z7X2UuKvHxIQXwB/dM3im2s5bHDIIriyvJQVis1ghCcLC82urT0f+ TZL11sZmIHAQ4VpFXuQ= =5oY6 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-frag Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to the corruption of an internal data structure that occurs when the affected software reassembles an IPv4 packet. An attacker could exploit this vulnerability by sending crafted IPv4 fragments to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB5sbMQALq6iWNFj/itLZc129dgqq/x zNdAxTVmQIurF1ak4RpTLzNPJM0KY19ymXVOe7+K5vEz3mkP59J5T7vzNhR+sDUa DMV0ytPhXSmVQXxDBYE3ChiVCcSoDcStK8pE50aHY5Fh31pUsFZQSsE44mTOA9f+ IW8DRJEwZghifgefBFbv5EncepVof7GoZAaeYaefhGevkIBLIjf8YOZWiDbB3taH UW0+Y7mdKxTYFP/z80kin/xrVYbSYfcrjlKs7OFPUeKXx1Mlq+HeNRYE06H5mm5B 9uKJ2+AdnJ4CTZORiQ+/1DeDp1SL5PWpQpGH511kJvDNTEE94qO4uoRU38fsS8V8 dyA0A+vHszWr2Pm6pYXoaY7UjO+0TpAeTQF6jnCjpQkSNMNevBanG/z9OGir6P9T DVhWajmXwL9AI02yy8irulpfgCpnN6i2HiTLRPb/UPuELh5rlkv6B9N7qvirWiUY L+8Wel3dXa7tWIBcKC60bciaxeiYkn3ztyE9OixS9xkdZIzV3r15/I4+LXZbSq3z TzVU1eg1qRQsY4EauIMpBeMEfU14dgpnqAE6zbi3GsZy1GEL27VoDEVYF7qX6zPe Eodo2gPk9HgVbRiaK5gj4rREVmEkeXJCK7mJG82asiCByvaJ1wDBMPUtwtKsm+nE YWqDvhZqr1gIfWoEwAD9 =/dTu -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-esp-nat Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of malformed ICMP packets by the affected software. An attacker could exploit this vulnerability by sending crafted ICMP packets that require NAT processing by an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-esp-nat This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55ZkQAK3+Rm0PWnY7f1hzQe/svkhg lh6oi0Kg7UfdHcBpqMd3N/zYTePjD/DTwbGAV0vtgMhPGAEg0Q0L90GE4H5zudgU FktSxr15lKSXpZFooUjQFUSKjqTgDoxV/l0LGy/QqLx4kILHucQly6L34n5O4v1q OdrGjMKzGlG2AIxZOK9VL1Cbvh/XdXInmiOTfjcJrxJ+MMGtK2owJVo6n5jmiaIK 7gIfFdZmI6ODKX47SmRQRe5QWj0pB37zN+RO6N2tN2FHXu/3Wyt4O0SAvbCHhcWu dxRZRhcGUb97xHAJnY5hGRNP25hecl6blq5LLE8vt8G1IIMZGaDFVk+fu96IZ8EC sNgcX9McYdlKTfGfTcgVJwzBp+sFHgrLZngY4xOMKOCKssKT44kO7/WnKVu4jyeQ 2jtaWm9s46dbXWm7poqy4aHlP7tSC9miZXyR25yOUSJqWSyhFRBNsiixuw3ocJtT oBm75amZwqNbxZAM4MdA4h4KCfzM/w6WtBGNr1sGzoP0E5oKrSgKLIpYV6QE4916 lq4GPn7v3wXKIoHNskuNivnAEKspn5qy3RkJ6cdb9HfFrjyq4ylXDBiwsG2gzCoA 7sJRBxRTe97iDwI/33BtFtYBtpwbHlnD5+ldZb4mRjfKUHPJ2jzgRo4WEvRoOW9C 0dgRoK3Me1LL/+ULExyS =OKzi -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-dns Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the DNS forwarder functionality of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by intercepting and crafting a DNS response message to a client DNS query that was forwarded from the affected device to a DNS server. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB5XWkP/itLASjeD40VVxzeX2jqUoV2 mk3NvhsP17XepKKjtLcITjTxLfVl7Dfwj3sThdqZ8AcE0bNnP01Wu611pc/+LoE9 Glp82vHWQML/0SrcD2dLzr5k9VamHzah9cb/ueF1Dh7FhS8geQp5/AqlpHwEgoS2 7HDjr5n7Sxy4+aJpt+hYkl+2A3WN8FhvEnZmRPfajOowTX7d/M5ywada+Pi/A4D2 xuV5DTRxO+ujzcCEF4mKE0X6wI5LsC51F4p8fxSgsOEugxmYAhAcw2yCTei6OmGx Nagx4xSjlgGV39cJTxRF9Xpgeyw/fbsFPJrcsDXUzByRTHuRvlj7Z7haazn9VtRV kx82+ajlhPW3b63PEvoZ6NyiiEkqxaEtIDANq8MHHCptfx7W3VIP9qfx8bUF2cQb 341IhmWkHBhtQHbl8h7IABrjhNSti87njPG/hopkOfqmBr9nEHPLlaPUcKpNd9AJ 7OaRh+yPiHMMGitUokwHTFS5QrmBdTUsEGqqUEZvpz6hY3I8mNTndcXJKiNZUT2n 9Jj+5hOfLej4yJo4F8z/iIo2qI55KMRMAiqsJMVnfj9xilyczkOW6IeXdvRVUXx5 S+94kX0CRhAjpY5OZPHDz+V1JCPIuOhhhWlRcw8khpBeojKhtSW7hzPsv+Pr5tvp UlQQldBmKnA3nehuvIEF =4+3s -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-cip Revison: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Common Industrial Protocol (CIP) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly process an unusual, but valid, set of requests to an affected device. An attacker could exploit this vulnerability by submitting a CIP message request designed to trigger the vulnerability to an affected device. An exploit could cause the switch to stop processing traffic, requiring a restart of the device to regain functionality. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55BcP/3jsgDFYqZpxEZUO2ZJaXn/I cgITUamc+GyA2e7GSr6PEFqH8IY2GjIqw9+yeJY3GLbI5yD7tr7W0ssZHR/8zKlA Vd2Cii5IPb0MScMMD9pr4jVzEDH8t3HbBIltM3/3v9Xhrf6u+NgxHXb1V9sJpXOQ Q+2FUNsnPHq0xP1/ukdL+NkO/Znil5HasxNlCDSQHzCEg3+Gv6lUIXsCd3fdYeS9 UfWwXTEM3/2cPMC2sNst4k59T6p9t5wC010OqmWkkyqy0+poyWGmqv8upX7iwq+C Z+RprABHZh5lJIrk31bAJRTdRpe1iAwRQw/FBU3AkxTMZpE1JiDOPqEKXpvIm4MF UKCBXKibP1TAZnpa/Od59xpeOZ7lm7Iyr5J394s+ke1J3g8avbU7t9tglIYuBkCx rRbcik5osYpRq0Fy7YzAFNb7SG4RlrLjunU/A/ieDMVTyQ+areRl0vdd5F7Z0bDF +fowEopXbgFTWl1FdKFXa0wtwnY+YDYKYzqUfLYeeyLjxNWrj52HVNA+L5ICd/N3 gyBgbDHnLvBn7WlTJdlW4DATG/hUyme0vZRWnIH8QDR5T+U6gWWCTme9ljnsL+qO DFZrDRpgCbC3qbAD8mDHjvDStoq2gMlx4vdfkdeOC3l2dGtfRt30XdKXQ1mYumH6 6ajuf0yVKs/g0HJJ97Rd =Jpzz -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-aaados Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Authentication, Authorization, and Accounting (AAA) service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the vulnerable device to reload. The vulnerability is due to an error log message when a remote SSH connection to the device fails AAA authentication. An attacker could exploit this vulnerability by attempting to authenticate to the targeted device. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB5QhAQAK1qcs2Tofs/jtgm6V8kf6/T KF1o/mYTtsWhv+ktaYNGRWQAwRmeBksGPfkeDuYmj4uhtRiPAUwDknbBVnXd24Yv RYeyS8tULGH/PYUZnWOcxc3dee/+OMBnJjkbY3MMtb2dfwXOOKqIShrKoBvp8ZFc GBbD2vqh86qxPTS9OUgPrR2RcmeqC7GwAV/iCIYJs/lX1E/BjgCbW2YHNBFUwOk4 f7v/fB5eeFjTT/PTgVZXkJJXMgG1P3z8qDZLkwUtvMrdOixz/3d4T3Cfro90mrBV l6TXdTQ+r/rHGRLhqE/m3eTKGK5471WoeiPbS40WBuDQN2h/Li52s9B7oIpTX7eL UeZ7BpjxhRzJqB48mWRnmRh8kiXykgcnCiE5PTEKtuo5HMRmj84Q8vxqNy83ILTK WDCNYf21KaSxnWF2vWqcg11wHyrLvbyV5k4nFaRG+rUukAPTjqolT+IyjrfRA5pY +boX6cergmOnA+ZFIsYU7Km+c1JE0syOdmsmtMeH2EfmRS27DqrhQy8PsPPzY/wQ Wyk6Z8vQfkuAU6qWoD7QfanfQA21bhzmyXSB4+tbBLpuUyG1iLcFWj77FZYdptI1 7Iutbzve8/WulwBbfSCWtWVs0pk/PU0D9bVSSoa5mwtuXUuB/2MNn/nH32Trr1h4 JgDHUl8OoK1XzRBxRuK7 =NlPr -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 Advisory ID: cisco-sa-20160927-openssl Revision: 1.0 For Public Release 2016 September 27 22:40 UTC (GMT) +- Summary === On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as âCritical Severity,â one as âModerate Severity,â and the other 12 as âLow Severity.â Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as âHigh Severityâ and the other as âModerate Severity.â Of the 16 released vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system Five of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV+r9R689gD3EAJB5AQIs2g//TXbk+qIT/kKxt/MJOUQLkID2tdWZr8Ls 2vcQm5EI8HKr+qSFih3/jyRl5A4LSZsZjQPIo6IxpGKtFLBleBH89l+4rh5D9Hit /hpQGgIXt57yUug6vHqZiU/zh65pifVCOqvu2E7Gy6pd530AqLhRjK5IKND4GFaW M2QPwrM2DYchWBuFIA7/r63HFQneaZqzHfR/wA1hhcvWUkDR9h9DaLbX15vG7CHI J1rAgywVeLOMN7VjDwadvtNfDECnLYeSP91380oL6dB4zyeO18YoHHHYuFTphRSb umz2zdU8Ku6QBXnUvJjAW3QtzvPX3scjXOgeJqHMLK+38tPkoHZvQeGRfGNmKDEQ 0fA1xFQLlRtetjKGC0L74IjdUXklvyTuGbn5P5CP+vBTLaWCcc/rqfY67NfNtIqp SKz+9UtprxAlLN3BKkCSzIiKS3BDokbOEORHCEYEmbYkwUNVp0KEXKgAgNlFO/BS yaL+CDxxiRdbnFixUcG8/xQj584xwOm/cp1u8otySYfSd70oTMqP11VXh+WB+6hT zHhSMOvLzpLeM++m121ojARIXbXTQLGziLHaRSi8WH+OuB6rceic0f0HwLlBCRlk LFxQunW2EawYlJGV5Czld4vdoHBSDGcP8bOg9M4LUtA+sKCGpgrTPombG98mhuut 7i2jUMZa7K8= =KS16 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Email Security Appliance Internal Testing Interface Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Email Security Appliance Internal Testing Interface Vulnerability Advisory ID: cisco-sa-20160922-esa Revision 1.0 For Public Release 2016 September 22 16:00 UTC (GMT) Summary === A vulnerability in Cisco IronPort AsyncOS for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to obtain complete control of an affected device. The vulnerability is due to the presence of a Cisco internal testing and debugging interface (intended for use during product manufacturing only) on customer-available software releases. An attacker could exploit this vulnerability by connecting to this testing and debugging interface. An exploit could allow an attacker to obtain complete control of an affected device with root-level privileges. Cisco has confirmed the vulnerability; however, software updates are not currently available. This advisory will be updated with fixed software information when available. A workaround that mitigates this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa -BEGIN PGP SIGNATURE- iQIVAwUBV+P+c689gD3EAJB5AQI/BQ//W+L7eeuGgXXRHLRMiNAIDGGp0mJNgHDN 80gV4SgekN3sH3edvIl6kjwfnZv0sGciyNX9nBPF86bC92LG4n8H0y7XiR6DPynK 2nnLh+4RAsub/UK2UBiPDNSlxYKLBRCJlGx5HalJ0KiEd98QcizCDzMrMMK68YST 50gU/giCRYq4NeNySeSuFr/i+y2+jNkAKJ5bjX5XSJqrxeQIYMlR+K+v2Lykzedo Kjx22pfXFWRVJpFslsEi2Jkjsd+/XI7Q5TZ/I6EVemMsWg3NhNKgtexvqk8tCW8/ d/mLEED3xE5sgjlhP/p21m6bMvujYWqBGNK3fp9zARYq4VFSzLvq6bfvLZb9Wg2h ivTJbOJ6ZA2Opb927GIpKnh0NMU/I70l2h2mJKvvy9poahBVWBejSzyfWDQDTwFH p0u8UsZfGHQNYTWe3o/BRTOXTBSjWmbFkmUvGVcfwXSNEVMoIts52bcLAC2/5Fhi b/l7LZaIjDfL6FuKhCG7Bz5exFGXSIj1HHK6T3dSp8bnDKpdOWEhA+MkFFRn277b GZWHWM+kTPnax/J9JtbFzjmqCxONmvBE9VXlZcOJ/v/5tJTKPDa0jHpJeHiM1eQA 3eXkqjM4p9xxY/IDvLtkd3Rqmr4Q7aKLnbLF21KmkXP6FMhYpNi0JvKxCDJn6hIw ag7OyYxmpr4= =KiWC -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160921-csp2100-2 Revision 1.0 Published: 2016 September 21 16:00 GMT +- Summary === A vulnerability in the web interface of Cisco Cloud Services Platform (CSP) 2100 could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of specific values received as part of a user-supplied HTTP request. An attacker could exploit this vulnerability by sending a malicious dnslookup request to the affected system. An exploit could allow the attacker to execute arbitrary code with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-csp2100-2 -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJX4rQkAAoJEK89gD3EAJB53UEQAM+JzDD3kO6KPYmZYhe+f8j2 625JrU7AZ3bdn5IKJcje16kxJ72S1PclYFj7hCiyWYK8/SIbIyVLPdzdVRNZUD01 mKd96cHC9bM01FCE9BAiZ3bb+HDQi/VDgG7tcOriPkzu6sQz9x+riFukkhOYHA+h sudNKaDLrPuUsXUb0EkjwitwBI+l2THRlyNou4SRHVx2aIWtu7QlArouTTNiJMDx jIHFxyBm9Lw8Bc2QFXl42sffUbf74lU8BKzGgIxVgXgoD53yxqoNMYFf95JfqrxV hxls6ncBHrxdN+jbccD4OriErKLuqGUSZPHG3c4eAIYTS+B0qFlklwm45I7QYMdO wA+BSwqz+4H2aaNttuYWCon1ryRJCHy0Yys173K9ZRIsZF3S59aDAOOzVlWU9kWP iNdZ2b+WdjQtEbsdwgj3QdsLUttjT0pfHlJbuBB31E9UhJ/BZdf/2bDfi+MRUSSS zA/WN7a6hvw6Nfh/XFl+BQ7jru+RdWur/LqzENhl7kQUVZ2zQ40fPqANbJT9dzUD OLVcw/Ciuf8T+N1BwiR+aRILVlDvDb1N+fjwLfDoLUZalG/W8geG7+qNNt6Deanl F9r9usPIs7Hd+H3XT+hwgG7higiMk2ilA1bTveRcKTsaeogmNIaZd/1KFRLPvRj+ qIPI8pHxCE/S3Uw2Wlsc =YgU2 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability Advisory ID: cisco-sa-20160921-csp2100-1 Revision 1.0 Published: 2016 September 21 16:00 GMT +- Summary === A vulnerability in the web-based GUI of the Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands. An exploit could allow the attacker to execute arbitrary commands on the host operating system with the privileges of root. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-csp2100-1 -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJX4qcEAAoJEK89gD3EAJB5pnQP/RkhC3wsUC1bPwmPjleqpSck d8GvNrfAw+3GgMkMj0WFoHKvszo2/Cm6Ao1mIz+Rc/D+g2uZOQmmnuxXflc4Trip Vx+jjSwH02j3q55sj8bGDrSezmpHLEshKn85Z2wBYFRqydxkXwUXHiFpLJ7KKv1n 8ASMBScusjxc63KrleLFpUy4vdVtnvVSqlnwVrb36DrPnBQ2r2UpVGtQAvkaUU4h V8wOfi+kR7bTXYPkBV480BKaTWA/W9XJVxlYPYhuo+KY049E5osk68rEeXYWpC1H k41aT3iaLcdz/0m7tm/ycBjci/97bAbwiG4Kl4zOXa429iK5R4/sqgLsh1TyoQ71 OmjxZj6LvR3E3R+lONm8Htv80W8VGWRpeNTr9hPFC+mtHTx1dAl821oJC7xs8Q/W 46isqjdYUohUa+aN/ZJyYJeUfC2DRHE4X6KtPR/fry7sWgFzPWzVKZU4tEjlTDPT 8LfNgXb6pegRyLZmgd73lv0ngGRwZBFVuXqL9kNFPgXf7X3PTihUWcgQ/yFuXgDo wVQmLEYzzxnt7/T2TVgLZ8c5jm70kFjWHWxwumVYliEnfXYWuOKHE2hPXuk9T9W8 RxD2ZBKI/gZtOimzLFdQIqvbqJ1V6gbo5aZDQGWgdLwfdMaIefhAdUfCSCqQwrHe SKPu1igJkamlZfkkl26P =SK2h -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products Advisory ID: cisco-sa-20160916-ikev1 Revision 1.0 For Public Release 2016 September 16 16:00 GMT Summary === A vulnerability in IKEv1 packet processing code in Cisco IOS, Cisco IOS XE and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 -BEGIN PGP SIGNATURE- iQIVAwUBV9xaxa89gD3EAJB5AQLT6BAA0Wu+va2D7PlcKnpHHrmYwCwdeHZr6S9h +VTOhzWh7JC1jvGWUcz1mW3IOptKvN7Wb4GY+nI8YVgXS/cd4Bo8FSwOla5MFS0J Y4LKo+kdEtrOuiXNiqMAdoExUXtCHYm08L8WbLS/ES5UEoTB5hO9EO8HA1wRQ/Yi +/6pJGmseqgINIaX2eeqi7jjRB+47lbUoS/rlWAAuzskmK76MOOLmMYosNWqIvbV Ja1f9/wr0rO9OCBuBbZsPfs9YH2sRF+q5uzxnt4bJMBN1smY/ow9dB59tV6caNff xM2CQUhB6/0EyszMRvjANt06g49nOl8hixJOzDz+TaJ2xOR//K5M8dhqguQ8J42j cK0s4ayey0ks/qOdxsK34q4Q7OuSmWrJJIAymypgJEVZ/VWK54kJIU+OOfMvNqvC cOPUfE+kjr0SHqHMJ5aNJwU3W/owCTftj5QDRinuoe0EZ/iWE45d1JMZJAQpJsTU 5XDY/QrZiu9+Drj8RsgWeoiEtpO9Wep0cIAXoOFwXE9kUGuw6yngv1H1q2BF599N kHa+5A8ULySwKWwFUa4/XGvMITAQXOLIdUFDGRfMozegFPOtDj82cepPt7yIxfPG fGKwnvi5wPT/b9JoMRIbmahNHHIKJbe6Z+J4+i7eK3Fl6Syr9HtptZIBta3lCX8Q UAD0xvStymY= =s4x7 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco WebEx Meetings Server Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco WebEx Meetings Server Denial of Service Vulnerability Advisory ID: cisco-sa-20160914-wms Revision 1.0 For Public Release 2016 September 14 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper validation of user accounts by specific services. An unauthenticated, remote attacker could exploit this vulnerability by repeatedly attempting to access a specific service, causing the system to perform computationally intensive tasks and resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms -BEGIN PGP SIGNATURE- iQIVAwUBV9lgCa89gD3EAJB5AQJEQRAA2PIWDz6cY0TMtxgNJWG6+/3+XknjChHk Ulf4QOVbbz/MLcCea529yCvVhdx56H8LxPJrzR7KnsuOoXqLarzIitZWJ8bNupL0 2FRs6Y8LVEqku7mJOtttVkpezrRJ8TUc6Q9qkDd2/vuKXMuBiLWdOed9muy6ftsO EC4OuaLrG3KxFesk3Emkc1m5wkF3IuR4SSsYUjeCQLz04B2dBvHmDw57P6/0SAPr QpP8hnV37CYB5/1X+HLI6z+5NTlU0cVXOysAuByMCp0jCW0f3mrzDrnyf2uMbwFS i6D/INwAuBR4J9hSWnC7O5mPgbu/7bjQs/nBAPiIWChqFt+uYbXVnrDHbmkoq1CS UnNid4wdYhn+NZT9GXSrHikQyTNTCL5d+tqz8EoPpdxao77aK92sRljrdQigRKch fsNiuJIo/dEalILM4rA8yk1bhFzazUWaqiQZLpY794ToTKYV3zlPS5a4C/ANw86q JPEBikz+VIoGYsG8567pQolQm0Fc4dzy3OIcPUlHsT6rZyh8ziRfkyhenPT0fKcb tSY9Cp88qGkX0fdwjS12ZmY2rpbKCmYkJG6WbubJTuKMxwkaYvA4QmIuY/05cZv7 J12GijFpEbReA0JyvsCHEvPiatRIxYFy1hIIv/AXR0ZHs4he0JSj/3AjAWUe/aDF V6Y+4lA0DJs= =hYij -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco WebEx Meetings Server Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco WebEx Meetings Server Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160914-wem Revision 1.0 For Public Release 2016 September 14 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands on a targeted system. The vulnerability is due to insufficient sanitization of user-supplied data processed by the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands into existing application scripts running on a targeted device located in a DMZ. Successful exploitation could allow an attacker to execute arbitrary commands on the device with elevated privileges. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wem -BEGIN PGP SIGNATURE- iQIVAwUBV9lf6q89gD3EAJB5AQIoJBAA5Y9/x54ie9exP/AwLfmAuy4YyrkNJHDA /WyCCTj9LcoLFvJQxnJAmTxKo+Mcdjr3kRIVgvqBA/uJUWgEg5qenDKwez2W7EZK QOtbL9C8bRug4yFo47rJuRbXgxtCuHS/v9Wmldyk2Q9DzA4+Mb4vR255p7qPYrYs ZHRJl8N7MBGDtWaz416sDwWWiN2Xm9Q+2h3mTPH7nJLWFlTKSKTMHjhProansYu6 wjqu12ie6PvyoFDmR9NUiiLX96fqO2vzigFDlAfZLmbRTlSbDSzYym8P9sEB4NT1 yv76VtE7s0MDSULPtg9zOtS4v/9Km+sSfA1AtimEwFQEdwGB32lYt/tmSGVT16d6 7zj9Sa+v5FQEWPaQDQ5C0CdMEnL/BkdRmp5L3Uk7R12qsA9kYRAvlWARAeOBhM/W Fg9yOsSqTdJyAsExqZnLmdk005/S0XgxckxM1Lo+z05w4xMyhKfVZsWGKwPci32c ENN/FnqFdMs5pHTeRGtotEzwEx8i6IGHdEsi+3Jk0ez8LdIbgHKXPbjF8imV5A+f TciTSXx61TNx9XzOb0TTuv6ECbcWkPW/BAG9HndceoeOHEmjsCeX8KCXfwr8Ua0B 4zX4mH2MmNwTTrji+eYas2nppRZszu2MzhzFgXLuo0Z9ksBNtZa9TMnZ3zJV5z2t KECiQzGzfgw= =dXSP -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco ACE30 Application Control Engine Module and Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ACE30 Application Control Engine Module and Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability Advisory ID: cisco-sa-20160908-ace Revision 1.0 For Public Release 2016 September 8 16:00 UTC (GMT) +- Summary === A vulnerability in the SSL/TLS functions of the Cisco ACE30 Application Control Engine Module and the Cisco ACE 4700 Series Application Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incomplete input validation checks in the SSL/TLS code. An attacker could exploit this vulnerability by sending specific SSL/TLS packets to the affected device. An exploit could allow the attacker to trigger a reload of the affected device. Cisco has confirmed the vulnerability; however, software updates are currently not available. Cisco will released software updates that address the vulnerability described in this advisory. The advisory will be updated once an estimated software fix availability date is made available. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV9GYXa89gD3EAJB5AQJdyA/6As6KAlNIrMNN2IGR/FwEHVttskJhNOUq 998WL4vt5rExzt41OYs2hslDGoGVkU7y3BWOYOtXs2deYFlGeflm+VC/ITg0UCzP 7FCqUm0yKCW6T2hwJyauRbbbOrlbs56YRmfUDUwmL9B4lYm03/fJen18gdS4+G/g 8wTKw1CfYklzjKkGvR0BCXmlNWEpsYfsgnozHUh1ZnJgU18fQ1fADY78aXtY34ID 3WqIQXRAHgK8aJE4P90VAqcVyRMbbfqMmbX3SZic5GjFNo30tOG6mUD9q3R1kX6v cu2T22T532E4Ed3ZKujbdbLfw1SY99ESLLh5VLBuih4vx2C93ZTSFVr5elQwSeqC BqiBKOaqMhS1ae7HrgThifayRrXa1z15+U4CMf9NJ6FieH7Jib7/W/J8V4S6X4k7 yk9TkVr/hur7P61qXzLdSRi11mCw6pt+Ed5rK1Mb9/sB9O6ddXQJQBN6e8KCvYCU SyEUAGelAffekTPfesLD9xpE03Oep3dsiX8O/yJagTdQQ+DWqUbxSnADm2PfHVS6 ZPdrGDmXjgRnAIVpPGbZ1P7EzotCdiNmea4POdFf+Xvg/F1pdnNJKrIed2R+P2c8 TUnmePi5oQGe4uVChUttKYmBjU79sp95l4G0r0XqtVFuKXOyujQGuf3y0IQ4ZCiA 4E2s2KryJkE= =eB0d -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160831-sps3 Revision 1.0 For Public Release 2016 August 31 16:00 UTC (GMT) +- Summary === A vulnerability in the implementation of Simple Network Management Protocol (SNMP) functionality in Cisco Small Business 220 Series Smart Plus (Sx220) Switches could allow an unauthenticated, remote attacker to gain unauthorized access to SNMP objects on an affected device. The vulnerability is due to the presence of a default SNMP community string that is added during device installation and cannot be deleted. An attacker could exploit this vulnerability by using the default SNMP community string to access SNMP objects on an affected device. A successful exploit could allow the attacker to view and modify SNMP objects on a targeted device. Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-sps3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV8RIrK89gD3EAJB5AQLthg/9H31fSwIZPl77TIHr22TNxJxUro4RCWic mN8tfm4DidmQOL8z9KKtWUH+bTuHJG7jN0JMHrON74IGzJabGaH3cGqCnYpePIrg kgJCSkv9nnjlSGADEpCFg5uQ7dCpSCLbGJDRcQ7fY1Dfbu5WBpdNd2nUJo52+k5F ZEQxlSrdWqu/ki0NYCUamEg0PeUslwmSUr2FxQqD3qqb/Hqbm7cKNj2bkAn9ahna J/bJjKIgwj9/l8S6cQZXydgPucH6rhLRGQJ3LrVyvkUbN8zTC7fYslSjvmOe0t/x bZsgdp6pARZSfdOvoGgnpayPlVSFlS80ourZ5H9Km/mbvDT/4Er+hyPO7so5R0en 5FKUmoTiu3rUrQHdq4lfGO+PZ6QX8f3vWbmRcYPSNFKZEddiNPo3SAXBieLmyD0N ocDEmpNg0KJWspkHLfkYav/ET4U+f0EfEwcDzYvg8GRDC/AKyh5p2aSGBe0m+rvj 91fq4Xoh3LDSc7Fb50k3Ky34ghZ9rbBIAWkQFRrF206cEjukL4BDcBB9bBlf70A2 uvbK8mx+jxEYm6uBmcI1swsAy0B/UwvBhkI1bmn7qoNwjg9uYev1k4+8qD8hsbg/ QJBOWROIB+EccA3/aO7vXeBuP4XrPY8Ud5w05FG4RrWYWikMf/4TP84vXV0lZ14D Wt5Q3gIkvJ4= =Jk1q -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability Advisory ID: cisco-sa-20160831-spa Revision 1.0 For Public Release: 2016 August 31 16:00 GMT +- Summary === A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of malformed HTTP traffic. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. An exploit could allow the attacker to deny service continually by sending crafted HTTP requests to a phone, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXxj/MAAoJEK89gD3EAJB5fiQP/iXbjAHIcxAZFq/nuKfScFTR Tukk4gfyLP6SA8LJwHPEKGPeUrc/u5yC/UtqEUGEVGivI3THG+o/cQllS9Gry8Px S4/2YwuLrihii68jEB4FqKrLrv+t8TpsQKTz9D//RiHeQ5GLQ1NIDliRA2y3jh3k yG4txfpOrOjm5flIsL7nEdYt7eGqtJaJt5bfrBv2GFkpD3rGhKcKKYhV9sfisZe7 CVTcePwVvLSGd5ClkRbVJ0xDhMT9fCb9tsi1FUaMZwjL0t5UkWfdUpi3KjHxql7r GZTBCOmcJ2ALMfK+mFTTT0TvlfogZs0vRo6PPKmYh57LDQ/sOZlrwBN4hw+2gOK+ wW9uQZMPixo1k7CL7NKbo/Vetm43x0yHJqWffgv5AGHX1RwLLR4Ccf1/PoQqBsh0 fKHdoXjvvLBubC6mvKvG99s8q63whlAz9OwhrJ/J4r9J/lLajarKyp2nJEa0ox7l Ji8rI+o+EdlBpT8kufhlZjs5ute7l27QOFxsy4YMZnTAgEO3M39fMlW8jnVEBnxI pKfgQJ+g/8jwSx3tHtzZA7OjjOP+F4Dj5TC1qcADrIHrk84ok2xojWqhTJZvO6yt obvtQstJtoVtCyNZxKaMKJzWaVkiB8fEI7aMGk82ioCV+SytMMKbMxdxhDlxq0dU kXBRTHvADTwjYYTunD6x =bB6A -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability Advisory ID: cisco-sa-20160831-meetings-player Revision 1.0 For Public Release 2016 August 31 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco WebEx Player could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper handling of user-supplied files. An attacker could exploit this vulnerability by persuading a user to open a malicious file using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player -BEGIN PGP SIGNATURE- iQIVAwUBV8blLK89gD3EAJB5AQI1zxAAx6XCth6kJKS7dwSUct2Bg0hBpw3oazvO k3H4mFLRgtAx4wX/bR3xoF3z8Fl2X2hdiZRZoulssR3biRfsGhbNvIhXewkRbzcB DQGA4LLo+XcCu+5mIYhpChTo1ncgBFtku7S0KI7lfTXEAxqQEflt2o5D3LzmTv19 c6R39nnyHQ3guY+7kggEo2TlggSe1SUFBKw2h7k1Rsc422y+d7l4tyLrNbx6tdqm r97LkpvghekSF8HQBB+rW/sc3h4qf3zIEuvVuuzFay+JVFChSObh3l2WHJyU4j8O 7SlqTzpNvb/19D3byKSTLVSEcadCTus1J4iGJCSQv3tN6EdS2Bm8aRNvg4G4BPXw kbtS9IEJDg2wFiGte7gWfpfLBhAhgG9FPNcPHzZRjRxIx/OgkGpiPQCuHarOv7Fg LlXs6GR+cZtn+A9yoohTV4RfXjvfNPUb1+w9jGaRTf5dWtg/XzP3NO7bwftfxAZ2 7nYMvXh95tic1Dm2CKjTCzlgV6kUVyIH2EmUKdvX52GEUcmKhY9A6ZHeCh2gXRcc HKOuyY5mmDau5HCI1AV0TROzvZTZO15Em0EePWmKnwt46Z+lzoh3vZWRe839qoSQ n4stxK0hTEVClEkQwj50GZ0XhZlm69m6xwcUEKNmbkc0Tr2jQuKkwLd8ra4pmMnK bWi/tKyx2Lg= =0pHi -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160817-asa-snmp Revision: 1.0 For Public Release: 2016 August 17 18:45 UTC (GMT) +- Summary === A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp -BEGIN PGP SIGNATURE- iQIVAwUBV7TBS689gD3EAJB5AQJ5Ow/5AUXrlOlk6G7j8/BpEITafFPjo5dN4D0P pZi1h0cyM5rphQpGruP4drG6cA3/uiH57Ax3zByLLf2Wjmyplk0Y4iaRGgPfTSc2 pvF3D8wAim6d1EyQQ/OT/v4pu9Jyy0ZkLP0G7bAoqAPO7KukI4UTYmqquj99ls/l 3FrN7nHRwETZzeAe5qwQ9Ww8I5JDZ5uQtrjQwtwomSQFa8K4I6q386uEWYmxcq6e rvm1NbbTZgX8Vnnz58ylllfK8HS+T/tjRaY/TRUTivHadtGelxauCuMO6Ii5X3PX XON36mZS5aeFY7YNy7HAN2AbG8hVYVnKg3HL9HHwxyNJ9aOLSYsg9AjG81BWetAe mIaUn9YJbKqBgsQVks3tFoZ5gPerMoU5Ezj25hzt1FZVusCW7btwA0ZnMb4HVBtj QjP6DtIdj/TY5k9UdaTztzkr5hof9clRqJfPfiEqXYq+23BLvBpJ70+Y+GihdxDt PwNZkGr6n2oNYyXHXWDnAUx7KH6lSpqYGLrp4mFg+3XBoHn14I1lyWgaVTdB6aqy 3X3i2cigFiX3V2HpvTKXth1w1t06ARzPauhu/lG2lfW6ABkUQ5EArggPIpZkQie2 4CatDaXUvlmyatuFfzE2i9ljGLszyMKU7rCeMysk8aONGENcGASV4wj3IY1xieoh jfrzb7/A86E= =bYcr -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory:Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160817-apic Revision 1.0 Published: 2016 August 17 16:00 GMT +- Summary === A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient input sanitization during the Grapevine update process. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands into an upgrade parameter. An exploit could allow the attacker to execute arbitrary commands on the affected system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-apic -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtHUBAAoJEK89gD3EAJB5R/gQAJNpnrqzsRS2HQzw6wq/e3wk 9AQHGBahR/l9C9tN5h+lsGVNOQ+o4KQLZpGe9qi6GDyy9WwHfCa95DgQ5fIfrLlk OUzgEpCnJ87PdLY6kBxK/y6doSY7Nwa8ilyegbTnFCurqYUOB6pYSR8+cabq4V5h GSdLBaBQlpJ0w/Ic7Q1fkOk64AgZvs4p6swuyOgvr9+NDBM3cRcaY64xWhSuM6EM Sxh0aqYiG0dvrn1ulWFLh39mL0DWWo1krxbWv1Kag5F2Jtfnhnrur4Vt8ROF8uYj igwrRd0k1cEbKJplzRpEIUMro4j0I1c0SbVtcs6+frovplcXB1mmt8bEPjwrlbZ/ gfLWSArj9E77SDYFSgWcEknNFoyOWZ/tmMJuRuK/JV8072SpLe1nSI3/ZX4qLT2+ reixn7kI91MWLRdOcUf2x4uj8P1cOTipItTw9WUNyIowTN3L5LDARUnCGG7J+/mc vzp4LKHG2nDeG1iA7bZx7wLuehkeRs4WPKtlAs4F7jNm1WRJNyQ+GP9Ik6dfcDbK 1Z8fLTlNzbE3GH4hBbWliZq2/dVUkwPPPI0t1aVhdkKKjqwrASlaWR/XVaf5uEuv rR4VYUXa0cRKi4wcVFLqyLoEnVD0pJGBGB87XGXhQ2lFlBJ9u9Gv57+nCCqP1egJ aBvnymLDgKAGUDyPrULa =S8Uw -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Firepower Management Center Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Firepower Management Center Privilege Escalation Vulnerability Advisory ID: cisco-sa-20160817-firepower Revision 1.0: For Public Release: 2016 August 17 16:00 GMT Summary === A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to elevate the privileges of user accounts configured on the device. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepower -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtHJ/AAoJEK89gD3EAJB5ve4QAK95Ceao/vCkUXcTrU74nbAa /iU1pUxN7VdqXFHDTRth7tyQYTeykn9xKjbw46I3PjLkr6yQ90r2tUvb80No9HiQ +PhTqYsI5xru4bJOvRRasOqYK7AqdJqlE/jx7MRPnY4RYcaAgXdX/+87MfEE2qqD DnypfDFOfkFaOCXqgqpZPGk5lqljJ2lONih8stkEpDpNB/xUxESgtLHoxyurDiqA 9UYVir29xnQSWYVMwJDkx/ejjOGzj875efxsRiYyKSD8bauuBkqjXbc0vUWM4maL 549tnm8B15kkkslyDnrZreRYsQQilcRg7zNQF8HTMPNhOVad7PtTLydCv/ObHvnh k9Qq2304f5iL/oi4xvJkFqcmJ9GojSUkdLZtWvSPEdQKSYvtUWGG1B8nva6v8dTP yjD15d+Sp8J8WyW5sMVRLhdyWLugbWJ/IVgehrOv7POPca91NIByqJR74RU3pU8N HZ5N4dscJouqx9WvBwuKoGags++3HWv9cDzgCaGn7iATu5LKJk6h4hB7I667dIdt ZtfHxuDV8Zwx+xxHSEPvhap/EjnAUeCNna+q6/8VA2cPrdh1SW4tDyVMYakHLZlp jD8qgfaNysYnidJIP855xD6asY+sFFgHYJLUg3FeEmB0utnxOazQDP9x+owNAquj 1ZrlfLwWvg5YcUdn8uOI =TMYb -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Firepower Management Center Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Firepower Management Center Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160817-fmc Revision 1.0 For Public Release: 2016 August 17 16:00 GMT Summary === +- A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due to insufficient authorization checking. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-fmc -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtGo1AAoJEK89gD3EAJB5v5EQAJ8zglRCRCJGkG3rhOCRX4DX drtIbjxvnY+eDZqwuv8UtWIx/vMbjbn5/U4Ns8igngPQUbjhDLYIf5gFNqOVd3tn VagiZDXE3gWXUXMYrWv/vDlWDqvQUvsQAxKmeC1LzlVolJE3i9xx1UDcpHUhLxs3 fRuiIiom6fJvjM6T8F0zTl/ycvpBRt9yaPM51caq3CmsoiCyM5R0pyucuN/qckBi D4R59eAytNh2ItvdfK4uDQ6oYanfv2+19oX1QuALExgKcKyEC69fM+/3O82hjoj4 0o9W1fj3UzjrB4PS7fiDlxrT5uEq+l/Cxu+i30u4qNMivIAL+FT+36KfOb0+qx5W 0qNJ5pZGIEGOATkKwJznmHCI4D7QKPiAJ5NPvmgHk0BD2vM9xpKKR6a2vWDdFnxr Qg+rwXSLfmHX52AIhc5CaeaGZ9y1Fuc6oqctG7pfqZ78fTCMXDQjhk59NwHXJekb 1JalIiwdSXGE6Ey0tLO+mi3y1oJmGC7z7jL8xa4nTGF5Tzuopzkzv/Ky9pICf370 V1Xs04QQCZvYKZjho5xTroVGJ25COBq2b0dVdBYlndPhsrRdLKWjKboyQyHHcRUi brCk9Rdb7kA5dN4r7tMBQRQ9cJ8mWpGm6cNy3zZAmzNGnCTIKqW2+DtLqq0ZPwZ6 RQ/+6TyyUZy/r4h+FGx6 =Zyh5 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160810-iosxr Revision 1.0 For Public Release 2016 August 10 16:00 GMT +- Summary === A vulnerability in the driver processing functions of Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a memory leak on the route processor (RP) of an affected device, which could cause the device to drop all control-plane protocols and lead to a denial of service condition (DoS) on a targeted system. The vulnerability is due to improper handling of crafted, fragmented packets that are directed to an affected device. An attacker could exploit this vulnerability by sending crafted, fragmented packets to an affected device for processing and reassembly. A successful exploit could allow the attacker to cause a memory leak on the RP of the device, which could cause the device to drop all control-plane protocols and eventually lead to a DoS condition on the targeted system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, there are mitigations for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-iosxr -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXq0sPAAoJEK89gD3EAJB5liEP/Rv+55HMKOM4QC32IbekVhxI Nc4STIpJo6t9aKJWCBdR7swlZdl/ofoShSsPQFgfW8Vjm/NoOIqpXPf6O3P0dlY3 tWgA2jyvYyV1rlpxAir398i/pTCF4e/7DhI+67ZNy8QsP4Qr2BR3XMzZSW3bn9ol LJL2FxveLkz2V01QjrM6HgstmpxUGmrbQvd2dxXexOVXZObdvHm+nHeGHGXCS77c Ercxh4uFwrenWe+h9oSr5y+txo8YZzogCfQNQjOuuF+8/4FYr5v40OjulBYNb4sp 7M8JRxmfI4ost/uVbODtyPvp7LBR1AmXt4z/anuq4iWrKSOT5XbiQF83TpCpeR86 IE/hWSCony2cz2Ku9yw0bc38Z28t1PR5zrm/ARU/BWyldJBTn1ww71IU295/FwJt b5Bfxt2HwJgwkRaGQJa0hKt9nfs8sEzi12DtCdHUO1r9VqsXedTNqRLgUPtTrTNA lQ4j5UVGvplzfn2ArrndRkbtDotRssvb0IyQ1YlgVo4u2Wl5WllvUgVOzb5lQIcn DNvcj4WU/SL+09JLsOcwzPqyt7Mf7TqAuz0aK4cONTCcff5jgAC2K++cAk8KpZBl MM3v4bgWMn/3SjyjjwmhF9pA8jxYCcfrWSXuh0MXnf5q+U82G6mpqmTrzegaAHON XAvWYG9thoADLmFBWIwd =hP4Y -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability Advisory ID: cisco-sa-20160804-wedge Revision 1.0 For Public Release 2016 August 4 16:00 GMT +- Summary === A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXoyuaAAoJEK89gD3EAJB5jS0QALlocwEtAhJ6ELVX3IT6HAC5 FKlc3zknV5KswMHqsbDjQsD2GAfEntDoO8Riu78lWSexO99Pu/VfRafKUJKcHEUo wBYQQ33X4sLEgGXMIXUbAxMFCpAxdlIuEzevo8HUj+LiMZWZNN1UJOpsFzBZGx3Q b6XNpGnMup88326DIcTJwUo3DGs7jAPvidlBjS5VPHqE43hvMy7FCqBTMQXdE7E3 6xVR9A8E4BdVPy/WyBjKI5TVOvaB2qoPYaaLmdzvsGaM5LnVw1qPFLwe1xY7dI9m +P+iN5ruvY9GM1WzJL8Yt7ngKmIbr7VC7vQc0kRPe9Mk+ZsuibR4Se12RADvdYfB CTYeDNES93fV1KxdGNFy2+XJSIcK3VYusto4sTRcKLmUfkHd/ahXNjuoGoqkvFYD +wq+1GylK2EUvOThjPEGuBgEG8HaNnp0UaYHqKCcUEzayCthygv0oN2Xiy4cEoJb 002reFlEN8s2puJknuEpcywoWNMOGFWSf2jN2kL4mHo6WIldQJqTOy7DHNLLt9UA aZNXUzhFavF6KXrAMQ3DiTx0nwV9CVaJq9yvyC1iXDA/ySvkHERoODpP7epmhMqW FZTfAxeusPbktEMeAXThVj/SrkwCmzlrvs+pzk8kAa1ycz/7nJkHENiDCLlUk+zR fapmFudsB1x/rUftQUNf =4KvY -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160803-rv180_2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to execute arbitrary commands with root-level privileges. Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jimq89gD3EAJB5AQJvBg//ctRV2Z10XPE5WaLLYjptaqzxiMxwI9Da j9Sfi67bG7R+1EIWxWKj5zc8LYogBOz9aw2AyjWsr79bGkHgO0rs0l/6Lo9T+ArA TNs4QheScjztFCnWRb+Df/xdzTeAB30A5iS5kyrTTJtDA6E8CmuQhXtJXEPzC8cT p8wyDV4sE8XgHzhrm00DUe8OKQc1zrIpcU5y93AcINwdEf2CXFOllVw1KeDzKQJY 2jM5m1YlTM5Ei8wS4Li/0SmPlaANAZG7i3ElItRHGEO9YGsbt+ZerQsPAd8d+R6c +HV3IF9tZ5Le0KFhdTw68ST8GAOxcdpL2DA3qtErcpMwhZca6bPU8okZZfhqAD63 mZDnaVWhGKHa+iyGK40cL+OgHmvxQLljvyS1hgj3ESPNYl+dh5ljFVw6KY5rZpRI Zmi5Av79NNHQK3WalhBfwxsvTlxy0EwbPjetaSws/v3MxH1Xtq1MXhnH35juT4vz 83RvRMTm/71/AKgZ6LZIxcQMoVi9fjcqi7+dpgUBMomziBB+2aqaAH+8B943Knuw S1Nzhg8Cv184MkkL+RLhSCfzFxfK4usO6v2hz/otJyDB238CZVtKeN+Ym9D5NvwU dHwzjLQCsFqLbJN1ps5/JcSC8vtE2bLmevJepk+T/tHp0+k0tTmNm9FS3WE1YaIY VZ+y3ge4778= =Ywyj -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160803-rv180_1 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to access arbitrary files on the system. This vulnerability allows the attacker to perform directory traversal. The vulnerability is due to lack of proper input verification and sanitization of the user input directory path. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to read arbitrary files on the system that should be restricted. Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jida89gD3EAJB5AQJr1w//dQw1ljMBuVukQl7WC1BNN3A70yvaGilD ybcP5yDjJTfeB9jAoSzsM5UPmO1gyY/tF70EL9qyMhIiNxojpOadmypvrarqsA3J tuFosYDYKp67HAo075baCddODpJEmFtZM5WQEgFEL/+RIUakB9Rl9z8VYoTT+Qfx F+IYd3sBo/3fKh2Zk0ygDUZ1pPpTijMM8EpOKJlOJ8gYuiHny6fSngNdQMU1K1+A GtrMm1q2UOHrfa4U1UkH5Id2kVtLXTdaqtNZynp7JsuCdojhSQf1NkY8WRor0vmO LOk9AfgbZJvUGaO5Rym6GmlQDRAGy2AKUl2yhqGG6tS8JuHe20A8iVS9aCpwF+Hs YIFjzuKxitgFKGHllPBvv2Ue/v4/7sXP0EVhLNNqhdNIZj0PveEX4hnnfqAhe5YZ 6hWkxO7Qxmko8zujvgISpAUzL5TnJ1ACYg+mqZTt1tzz4LD3u/O0IHDvI9P37RYy 068EJrsG0swa9PCMxCBSdPc5GpeC8OZrDWYCh5LKy36hjv1qnshlHoYnHtyOcZul XKF88ASHF9kk7t9tYJBSdIM8tk17UKjk8nrKvz6dQd1cIJhcXqwJeN9X0GYBQ5d2 3gN4nhSLyKswG4nkahiSAzUUrLWadfUvqROVwJz4jHzDk5RDIEwAMHcMkDugq3ES MgxdW6yTuMY= =+uW1 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability Advisory ID: cisco-sa-20160803-rv110_130w2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the default account when used with a specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to gain root access to the device. The account could incorrectly be granted root privileges at authentication time. The vulnerability is due to improper role-based access control (RBAC) of the default account. The default account should never be allowed root privileges and should, in all cases, be read-only. An attacker could exploit this vulnerability by logging into the targeted device using the default account. An exploit could allow the attacker to authenticate to the device using the default account and be assigned root privileges. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jiYa89gD3EAJB5AQJS3RAAoF/cx4RCUPQRg88+uAwjZC0F+tCfQHXF WvSQo0EZu704fkQsKE7yELdsU8OnAr/HX503ya8bTHTGJaMQkrg6FBw2aS6zDSz6 gaiZLeN9n6krwOPDxIAz0phRNj93WoFUxkA1oOh4Qtp8H9W0cLr7Ggx4jbhBrcrC Dm6/g/VQREEdMrAiVPO0PKUIEgx8RPY65q2Os5uahRE/3x9uCNJ8FAYVCgTx+1jc iP+Y1GlYbPH9gmcsEF8cRb/XTM2t08aY4yv7IxRzBK8N2ZnUQBBZDkvJh3ghIycg efEkhwKdkX3MKig0HsdB6yooFThgOyJLJXOCDIird0t94gulGOxvmGQanF354r58 Dpb1vJfO4yU1N1Ld48RDKwelxV3ArX6WUM24s4ydehpGWHD3qREIbL3T7lQQoy2F ZZm/ichpQCkfd95wy2NOxGV1cz/gPqlP9LT+00gZP2omk5QdhKA1Xkd9umy/xJhm YstBja7gYpAA5k3EXjOgIlcq1YPH0PqvqSV55CwxMCzg4mHzkaGbjp2nL6nZ0+gk NGW7uKcSptqPAA5Y7CAv0h2nG5c1GXRHwZaAmoXXSxIYS5dvIx0SxdmI3QayOIlS za2HUbv0C1xYwqleJ4euny2RQsX0/C2wv2SLG0q5oJXhh1M8IaS94BMXfad/rgIu S82N2vOSPfs= =Ws+u -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160803-ucm Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in Session Initiation Protocol (SIP) processing functions of the Cisco Unified Communications Manager Instant Messaging (IM) and Presence Service could allow an unauthenticated, remote attacker to cause the Cisco SIP Proxy Daemon (sipd) process to restart unexpectedly, resulting in a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of SIP packet headers. An attacker could exploit this vulnerability by sending a crafted SIP packet to a targeted system. A successful exploit could allow the attacker to cause the sipd process to restart unexpectedly, resulting in a DoS condition on the system. If the sipd process restarts repeatedly, a successful exploit could also result in a sustained DoS condition and cause high disk utilization due to a large number of sipd core files being written to disk, which could exacerbate the DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-ucm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5ukEq89gD3EAJB5AQJ4pw/7Bmj9j3Kh0xFsHWEPZqhtu/k0jDL10nxS vnuPH+QVppva9iU1P8aMNwkLH8dLcXR0/F2mJtY89Z57C13daxO9wBixrvoDy5Bp /WEwGJosZ+F7GSlrPhneV4U6oT2UZMMJBRgYQKIe/tZRwnDjfkhvhdtJs/PqujDz Al+jT8lsCc0ibb3amdG/GxEx2znJM4mUKFuXFSBjTLbZ+9AJyOGizl0K14oSLlY7 Kqhw4BNtr08cHQSxfhQ5pyr3sDb9yQjxKUKscYmdo6pCzYWN3dvA+FRiCO32Mv1s tZOm73rEFzr+4g+SL1ohaL2D8m/UhwC6S6Xy4BvLYgGsXBmP5KID3O5thoIh8CDx KVnQMnh+Dqe8JisvCUgGyAq0o67YwSSqC1xYuskhGB2OKFidfp5XoZlLjgLs0W5t 52diKjExpaU6JwvkuRBg6VP13xLDIfcJa5ejpEQKJCR2O6azpcIW1F+frj/s9uPw VucODGFsNuMpZSc2b9QPP7rA8gXW/oK1OoK9Lr2+ODeWATzO/W9gnAe8feEciv3F LK9iE6/DpZcvPYAhUqslmksP9Fd362HSKEBVeRm4Ayrzc0JgO4P7nC9zQ6PI/WAV hytJGPaPNlumo3m8wT8TwdH13zsOVWwNJVMkhwSqsxzFepcNSifmKx88CLcl8oWv u1noYCPNA7I= =IwC/ -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products Advisory ID: cisco-sa-20160721-asn1c Revision: 1.0 For Public Release: 2016 July 21 19:00 GMT +- Summary === A vulnerability in the ASN1C compiler by Objective Systems affects Cisco ASR 5000 devices running StarOS and Cisco Virtualized Packet Core (VPC) systems. The vulnerability could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. The vulnerability is due to unsafe code generation by the ASN1C compiler when creating ASN.1 translation functions that are subsequently included within affected Cisco products. An attacker could exploit this vulnerability by submitting a malicious Abstract Syntax Notation One (ASN.1) encoded message designed to trigger the issue to an affected function. US-CERT has released Vulnerability Note VU#790839 to document the issue. Cisco will release software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160721-asn1c -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJXkR+jAAoJEK89gD3EAJB5pDMQAOb/g5NPySkVBdpzDwjBFI58 u3tDBTRzvAVjleEW93WjHrEDtsq3exaUv9L2hdbwZrMvFFVqB1IVshfO9BMLDg7d An4jxh7uMRsGH7IGI95s032/8zD0RPqUeZ/eqh5kqV9r43N6UCSWIEsnXGGMnbZP KULIIzJYclG3f9q79wQ/kdTBc2KGHcTAAIaQogczXhUGEdFl7je/zQUrG91FB90O I5E8DvDe8UJYOWdGHQ64Er/LL+lfhmEyvBqKcWHo1eSYGLGn/5yVQPMFoMpwEcAi 9PeM1nCWEjc0kw/IyKTK3k54PbBwGjtwSTK659F6DsX6zqFcXPorcLtVQv+AyQ5o 6JeuQiBx6ab+qdrpruKB4AWXvvI1uE0TtYtH+pv8xyH30Z5r/aeb/Rum8zgehc/j 3G8Gr58gghMt34Hxt+nfropRiGRMl+8Saj8rpfdsLWgIO711vB3RCz7sOEggAvzp Th7KCga9G7uZNnmWy/NYm5MGk+h+bj1Nue5p8ZgPMqVwkRC9yQt5gzHWMlKSni6m HVyh41wicmoTrd44dOWr5pDXKvbQ7P/Me3ZcJxwZr/A57qHOdPNc0lwtzniIb1O8 rbAqG7gOWe9M78A8A8Bo3PV2e0XdeaCz4L8lzmR3Nnq8j5LORZjB6qKhR7oBtTpU 1s0pX/1fYtuQFO0uK5ah =S9PG -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability Advisory ID: cisco-sa-20160720-ucsperf Revision 1.0 For Public Release 2016 July 20 16:00 GMT (UTC) +- Summary === A vulnerability in the web framework of Cisco Unified Computing System (UCS) Performance Manager could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to insufficient input validation performed on parameters that are passed via an HTTP GET request. An attacker could exploit this vulnerability by sending crafted HTTP GET requests to an affected system. An exploit could allow the attacker to execute arbitrary commands with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160720-ucsperf -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXj4blAAoJEK89gD3EAJB5fxUP/3IUSqmwPNOO0uzEISZsClbP eV1sWplfvIR0+D/ZehXwg5I5Bjla77t0YUmqa2OlqmmGUA6etCsz1CAJhYI99jhV dBTVjzIJ7/gaEqZq9SpiYwcqTe/5mU8vhJwt8T/x0GfS7qvPMAPxGmiS8NijZN1m O2aUYZOi3tjxwrYM72NtdjKMcxVJ4HhvwPA8QcUV+b+B8MgMwDp9i7zaJHldLJAB dAOUoIMmqSrsTjp5QX+oBv77XMoL6489hPNF0Kdt2ysIlcJDMQFn9Mv2PM76rolT d/v91W3FWA43X5BnZISHxh+YKLSxli4sHXKR2H3nDhrhZml9e9FwyvQBmKGAStb+ IUJPfFkkFt/y/QHQiPx98MoW1bwaq7jarpihGearGcm6IKWw7op+c1xPVaKI6j/W 3zLObIbqHItCCE+62Qb6PLYTzaX/EyKtwpOsEiHZmPMsVyEFGsb57HyS4cS3Orm4 nlzxZRkv6VGfEx6uWr2VasD2pXUBEMY3fv9QJ/1fGcZokdaw0F+NwT89JhYd5nRE nAwxCi2E9lVpI+pZOYlWwjkKCdLn5Tl0Xefqxz9q5u/URcWKPSLwOkQ7ZY3ajM9x LBMhU3ub+H/rms6sykXRERawO/pCnwzDEh4LvoRocd3bM9s3pLKiV3KWJAQxIQE3 y0TbOx9qKJpsZO3Kwywy =dBY7 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability Advisory ID: cisco-sa-20160713-ncs6k Revision 1.0 For Public Release 2016 July 13 16:00 UTC (GMT) +- Summary === A vulnerability in the management of system timer resources in Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) Series Routers could allow an unauthenticated, remote attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the Route Processor (RP) on the affected platform. The vulnerability is due to improper management of system timer resources. An attacker could exploit this vulnerability by sending a number of Secure Shell (SSH), Secure Copy Protocol (SCP), and Secure FTP (SFTP) management connections to an affected device. An exploit could allow the attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the RP on the affected platform. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV4ZMB689gD3EAJB5AQLaIxAAueOBvhPrQxwX5VNKSB3CHnMH/BoXY4pH +EHT7C1kGY/0tJAiA2JlnsVpUwxNmu5guCT3H+kaqF6VXoSZYEVBRNb1yt8wvfo0 1+PKPeNIUrrOaCu16++U3c+bUuDst1DBeAi+xYjkfsTR23haiQblstb49JgolaQH FQiufDqU3roXzIua76lOtLmd/Nq4vrcafVprFKEl2UWT1eizu57JnKh8nTAHoxC3 xdkfXXfuilvDhppHShYACiEG4sPGfDEV+ExS5Nt96Vs6wCGNXJ6+9cVq3peZPCWT VgzIVDHmvntBXCR4q/xvCDuw0D+AcYeDhuG+qmgmZWMf0AJNQfJiiVf56CRL62zT ePtX6JLXb1eogikdcitxq5Y+vbMmYwlF0+H+/ISTG85IkprZc/XYiYIa8RRn5hmK 5UfQw+St/DMtGBrKjGL+HOOa7lk9JrHbKqvoOikjZpMD/KdnEMv7tPJTC3RWXhAh 7Vi/mUTVBjyWDC+JE5O0E2GSpS6X+bwCji16TlNpFoBmMvqYn7I6O5SSWMTUanQ+ oQ9qL3iF3imVkEGMB/TfbLQWFsIQt2h+7c6sToh1tpso3A7JpHLtou5pAtxy7xSt 1VKXDcNBBJ2GJ/SimLfbMKDfPGqph2d49RCyEQRBxp8bFw4vNRCxDFn24e/vVDW0 AnbSOWb7rRs= =8GIQ -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Firepower System Software Static Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Firepower System Software Static Credential Vulnerability Advisory ID: cisco-sa-20160629-fp Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to log in to the device with a default account. This account does not have full administrator privileges. The vulnerability is due to a user account that has a default and static password. This account is created during installation. An attacker could exploit this vulnerability by connecting either locally or remotely to the affected system. A successful exploit could allow the attacker to log in to the device using the default account. The default account allows the execution of a subset of command-line interface (CLI) commands that would allow the attacker to partially compromise the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-fp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qryK89gD3EAJB5AQKaGA/8DW1mxGdQH0HZL0ih543qDib/oN0wkZU1 3A7arS4mHYApenC7J5WsHULQqNdBf22N3pagOTeGlBlhnXejFxA/fcPqHZCP4FZu eykxwCLfZFjPmsxytwM/pG/7xsr6lAaehb7xbPPD7Z1LpWEYUYpqaQRPh+ZfFZ6u s7FtquqCDyV6Vpi3Hu47A4m7XkytTTLkPNuzMRsR7qzDQ2OiTgJiEDmdePr6iVPt yWQHFy8klt2UfzHJ8f0xHDFiihfeRP9Tyyp6knIgc4QaFbYl8KVUJi7z4Ji1tlXW Vqk8MDlxU3JA1dxesKXzt5U66E4k8rUJBI2UPSZFTA1+4LxUPIlxN0PrxXSCuBp/ HRGFGA/Ti5q/pSZtqSq+5KM1mCyYJ84b0m3wkDzvCxR5IbS7FjRTMCtGFLtZE6fa p15WuBp8DEqF6/vHZM3UBjR2Ls1/aHTYGpb11Ksz45IQQb8DJyNn9NykDsaIeg7k 2W0QtXsxWkoQV8CxEKmFk6Eipv0zxElnnzu781bhH3TMST7cWmFsdNfZNFpfI3L8 nNncQ9k5yRMO54V1Ikuxd9JlbMywb5HGLns7XxsuaSN0vjhz+OPY1QhhWp/JkBSe s1NSXOHiHTVB1+D9AxZ2huCiRVKWlKr08tLPp01HdzeCut9hMn5w41cuvHreRD4I g2taAqbF01Y= =z3md -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability Advisory ID: cisco-sa-20160629-piauthbypass Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in the application programming interface (API) of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to access and control the API resources. The vulnerability is due to improper input validation of HTTP requests for unauthenticated URIs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected URIs. Successful exploitation of this vulnerability could allow the attacker to upload malicious code to the application server or read unauthorized management data, such as credentials of devices managed by Cisco Prime Infrastructure or EPNM. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-piauthbypass -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qsA689gD3EAJB5AQLphxAArGXxMxb0qLM5w73zZSZS5iuqQffoaoRC ZPmuUgErAnyO+OlLsco5qfFxEwCWrBQMQEZZie6LlqlArU+Q5H73aKC4orYnu2o0 avEwR1YkFGcLNbZKp/Bvtzhy7Etd3bR/OnSFkfsg/2Qgkx77zQke5vXwjNtuaMtX RtXYDh65TvpkegxD2Kb4tMZWLKxsH2tV8oBuuDT+m0h7PwSo4n+Ot2u0IbW1dDjn AXk/8j4qUzA9iC+nFtTY/ulkWZIX1RHnjk/z+070tSvlsbPhcjJiPZT866+RUAms lQYoINSo045owXFtQv3CiOge8k5bdxaFsnP944Jg8I+huDvmHXg5uPpIEG7cOKQ1 ZM6n+yw3aQkqDgPRNiAiMwnOrVPFvXIwDFQxe5Otij6WY5Npd1FogBfW/1n/akey IVoEQ4Xz3cR72yrv0Xu5nt2C9GX1uByID82Eq1XF9VeI74yFpNupjzCgPwkxyhsM +M1gj+9teD42wUtEV92mAtmRiEBeVBKUnnYcDpOYOr5CbSretlyQm++0FbJS2Xrb 22TWTkWWMlOd7L+msb0sOOdlVC5h01aKnfyNfVsBcRhKVcfsfxljomR6V8GZWdW2 DTR1A4f5+rcuJBBlnNxE0tm1Wbvsed7N/0M92aELK13oLmz9lOw5aUZ/X3bhP/ko iZ6ZrVNwhyQ= =F9QW -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability Advisory ID: cisco-sa-20160629-cpcpauthbypass Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in the Lightweight Directory Access Protocol (LDAP) authentication for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to an improper implementation of LDAP authentication. An attacker could exploit this vulnerability by logging into a targeted device that is configured for LDAP authentication. Successful exploitation of this vulnerability could grant the attacker full administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-cpcpauthbypass -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qr3q89gD3EAJB5AQLLnw//ZD85xqIpSmQranwPfYQDeoM2uD6+TNby Vl+47uZOC+csQ0PB9d/z6zylu/426OyJSSUje2c44lSXDJ8iHy9dBNY0ozyk4Uzj oTOlr1h8YEDkjxZZ66yqm0GoTVo341tbAaDJb8xWHYjb6STnAP3r8hHu0jleH26j vn/NQ3xPTQ7FPaB6gDoKn6Kb2Y8rDjUs+Hps7S9REtplxLR9zkERS0lWQHoz0bSd eBTmNg5OAQxVwH6jFc4wnUnHHaPk7iALBXVo8mrkU3+6CAfejUbhJpSVxYceZQZx hl7NFgr9NSj4aT1nnnNGjGPHY4pPvrvyc55hQIrIPtk+teEzWL0br5VxPB3LVmKS framl2fXHOd7uV1rHcgfWlI0LYBldC1C5JhSlE9hxh3BfpejMauev2rGiWVDCTyr RIC7zJDqBAc3F7XjbjVebrKjdb761SPmYbdCDHyVBuR8mePyzbEvHkfkvSGi0XbD egVto6K1njcXU1uXLyKxGnPDH2pUZCTT+Hg7wF3U3zf0gvpO9Ifk+uhELoz6FAFJ SXGVS245KjwhJmBwh02gsjbX/Fy+DLUnmVAsdL5hCMBZmzv5Cs0fGqefBTgHahft 5ZVRP3cfwSKSFfLTRTO6GF2ZlUk4kwFwqP1HpVjB2Y4N/63OllST/lIlJPhsZHH0 BNnEWyb0RME= =hP8c -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability Advisory ID: cisco-sa-20160615-rv Revision 1.0 For Public Release 2016 June 15 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code as root on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request with custom user data. An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be leveraged to conduct further attacks. Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV1iuka89gD3EAJB5AQJHig/6A8c0ghf49Ku0Z3nkuRKv0V1jrahBY6uX RemK4SgHfPqUjeSaM9ci2RuCqFe1BeDOK9GBM3P6Mw0Tq5SpMndGD46P4Ha0hgL/ WuJsiwaPkOFKFS47pIKdX0k97RX9AWlHjYoB9XIXb19M+449rHi0Cz90b3Wk1w60 rXYtVtbqdiL5WVn/HmYA95EzwZ4HozVZvDIAzKkUy+mjOkTSHR38gpLSoCibB+3l I6U2Txc2crjnaUxupTRs9IG+hcDvNCaLb8C/ojSrXpQQGV3Q9XEXE9x/EZMLFl9x aQkJRiKT8aGAZfqqvP9JxuECXSTm2koYR2sgaI0yJWmpp068j0dA6zdc/zn/nM7N Rx27U1yWFH0qbFn8q65BbS/IOw+u1aV/LtmieWxuySHW0/BlVPEJyFXRZaS+rSfF Ted/NRe9e4XGd6Bn98S9+8vXXrvcaWcrxrl3aLy+lDstbl07EOC+eLd+YvzRrxbj s3uKiliQpryCkSC49SaY0zmj11KMpB0psLeUKPhJWzpa7LJpSRZtTbDyCjMrtspw mwobTZB+V8cVayhrPwGIyUN0ImfGg3DH1vlNoaUoXD8Wcj0T9dhWBkwx0dH/Oxol pSsR95Pi3p2e5xS47+7b1l1ViR0eTBTeCT+4bHMfPoDcp8msEJ/sSxpwZgiPAdjv 53TxLvrILWg= =2XbL -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability Advisory ID: cisco-sa-20160601-prime3 Revision 1.0 For Public Release 2016 June 1 16:00 UTC (GMT) +- Summary === A vulnerability in the IPv6 packet decode function of the Cisco Network Analysis Module (NAM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0WyjK89gD3EAJB5AQIJbRAAmARSbMN/HbRdFCfkBTHNt5GgfMHbGRlv 3tY+2UpNk76RO+3qT5Dia5i1dSw6xFViREIFJR5/8fgSaBQMAUqU/Ub0Yoka1AzV OKA3qHt9tdmkSJ3l7evW+Os4bQTpf/DSlNJoIwWRcvdgMHudUZ9ELzp9WwIczI9T AQwwJBfPyyZLDzfDC6e0Lxx2ca4ITumOFBbG7QW9NNLki5xD51nTA4VscMfzLNJd ETuAVELyEl5cOUG3Fnq7a9Aok105UlGSgf5w/cGrXo/ycSfvDYaZ7WBPBAFuXQht bUVvfzNmHjiBcTK8rv27fc+mRsU18vTkHyIopXc1sUayrYVhUkSGVIbqN6gICDRt 0CDlT8bSVQybPElmpoR57U2d+YatLjWggmUzS1EFCFfezLOGzYftSFB/D9YiYXZ6 7FR+2feIBnitEThvcEHXt5X7EPEOwUJtTNLN9psE+hMpDcThw5PzJ8dhRPrF7EBW Q26GRafNxcw/mm4wDIHcWfABWVbGKCSqcNcGIVwLtk40wb7mwlpfOVckSwctN/u4 jGeR4gmWcgdYDGWATyWDhVatq2c/x9ou2PkBanPbXb90Pshr7EVPbV4t/ovBKlix ORjuu2/szqwJLRb5M8RiZVfgrA+79q7BGgxWQQK3Wi14FxzrNvQlQFq5GYNQjy9Z FqHgZHEGhC4= =vGKU -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160601-prime Version 1.0: Final For public release: 2016 June 1 16:00 GMT +- Summary === A vulnerability in the web interface of Cisco Network Analysis Modules could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of the affected device with the privileges of the web server. The vulnerability is due to a failure to properly sanitize user input prior to executing an external command derived from the input. An attacker could exploit the vulnerability by submitting a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands or code on the underlying operating system with the reduced privileges of the web server. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJXTv2/AAoJEK89gD3EAJB5KcUQAOYjQr36VNsida74k/896SeU vHNiyFs++KcgBy+5OQpw0/GFtKYnQkYp5f04F2Fl0BCqwTn4dunh2Lch/yLh2Iib 5514iab/1fNZXWEpkgfOwbzQhMlJklc0U23P/mtTcSRtaZv/d8oZXebN+byJ5Yz6 lEoCvD7CRlcPszaCu6fuOUqA6Io9gB33bYeU6NDfvVD1sOPe/xGz0To8bDJm2YU1 SSCWB9L9v5c6ikWqdmmMJJlmr+ZORmyguv2cSzArWdhUv2zjCc4nsL+FJam215Bj CqxQXelURXVRPEWzeaXZGhvvih8FG/JGQyNfxWp+5BTZTniQbp7Yc7Iu4IHBFT/d bmdde+p9QeyD+/oh947/kJlzmgdm0qZmYF/Xrte8j5YucGn4Dr4kh1lvr9/KEuPX 0fy9mEQjfNW9HKwKL/TlIUZS45GX7fLZsf7HKkBTeSbQCSZ0u03EwUU/+WdMFaf9 dmnVmf9F4IuZMoMhuyShx2SYPyoVRgTr9eRt7zEtLrFFfRNlhTZAFuLvtWTHGCE5 t85xZkZE/iKIRdR3cm+Rhk/nrLVYacd772IncAW6LirjY+uOykVWqbGM7NJ8YYBh Xca726QhI1lue9eHaNier5o0Xsj40+sMrAPlK7Cc/b8hKWuV6xODcor0sEPVoazx wk31KMiNQJpR4vnym04g =msWt -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160525-ipv6 Revision 1.0 For Public Release 2016 May 25 16:00 UTC (GMT) +- Summary === A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0XLn689gD3EAJB5AQKJKxAAnJ91wZ0Ag79YXUfK9+5K/Vw25Z+FSOhe cElgkCsqW7DWhD/C1kkikheTBu7a56vvwTJFYNpO9ikYcY++g7WhrNW1ZMhlGz/C rQD2QD6RTSTdnWswco9CWqArtAXWEXOfgZsrrcJWNVi3klEuNKOaGMmQP+6Indgr Vdx7YD00XHlXN4c6ym28Ax7WP0RSFiEGvrHcniN2moH71nbQrOgNuOK1Bdzg3DiK Lz3LSqvastJ5HSkDYoDBuEe9GKLQPnlAo6wovsiH0hu+mD+BlMHlyI8R2Pdt3Wlv 8hqgkg825yeWdYQbrUq8ypG3ZKwoGqMW4skgzBGYUkYUqYw/ZChxtYR499tPUp43 e7dgpfMtU7kNJoPpGFuJFozCstqcM/+YAywyC6YywEhPJS7ns5NTQvybKjY6C32O Df4HZVbB45R/RZkmOBaVVlFq2fZ0DLRczAbmUm8is1E65UfQADSl8Pllraymfk4D GmK/llGmv2QOekmpF/+m86RxbBrJgf24JrbrOzORAofz4MGnAOH4TmkMd0nQj/HI 1YYyIP098gXVX/tQtSRYjgbsg3EjhRzVEsQ5w3DTTvpv2+A0d5XlfZWJ0RKC0IZ+ nC6qPcS/Smc/gAj2VOH1EaayspAFVuLkYL+wk45HXT9YqX9ifjBypco+26664+Ap mFegCw21dbc= =66eS -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Connection Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa4 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0k689gD3EAJB5AQIFTw//SVvwy5A6X4SY/r95dKR7bw6PhsZWlAyI WkDUis7GTqaGtVQWBDJi4Dv2gzI53/i3y97fXlwqvxv+B/nj6L2AhJjH6j5wWtca cplmOdDLSYupLp6jO+sQV4HXRMoDLCbLNkXsqSRjPsVPg+5U6DFVDzz2X+B7f1Rs v6yw7hPpuujq71ZbnqhxNBX4Xl8h6BDzmGOtQq4V76Bjv48lN4ItI0wwpZ9ZShLn 3wky7iAhLZKwOazdYGNE13eyVCBhKHbIHZ3pgG8jkpBHizR/xCwp8K2D94JxTx3u Gu+9GbFh4y3RQguA6QOCeI2aSThcKC3Ial7+bgnVX3+K9Kqwi3G+/fmjN8dXMxke Y1FyRs/V9JT8dbVPqPhvE5cghlF3+9XIUiXMDVgkUvG69ZrmvlgPVIMCN55vHzfD siaoBjyk4FOOzINzIypmnZAkZoyRoTghNQRG4Mc7rzy2dpKN+WYhFEY391i6aU5j ZeYem0LS+BpFpUv1XrqEsQc6ND46Djsy6tCE30WY1u87QDXG99D9O76q16neM0Kc qHv/wSZNS3I5hAdLq+JB6OJh31X5ZuiUlFdZumYw3u4fb/ehkjQ98ek2G9YDKMVO nXMc0Aq8cWidUjP/RWnLFwvSX8TyfP3wuZAPeGk50mz1VhnBE1VzuYUXJKp1fXyc QHExA8KC4xI= =4sxz -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa3 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0bK89gD3EAJB5AQJ3NRAA3fZtmhQZ1CLM9wpu08Oe1/xETVXNB7Es YPIeZk/7rNcZe0RjrvXxQoJcZrNkq6hnExNwRaGeiKSulCAmXHU46v2gB2mbhYdx FB7AYVXOHDKHZyEhCeZXRvq3sbIZu4A/AVPLZSADl3v35Jdwwo8G/pDt7lTQma6o +qvLYXhToSTZuJM2IOxY63TSwSD8rVueZYvcPOAbD5w529tHwhIhmJ/OM6mqdJks FcQ+p3qBhuJpv/UB3ffWrlVXCQgukW5al/6tYHUFNYETp/b7PqixWz/Xs5Ob7GRg Pa8JE6ggkdwUn0Z5LNbHpU46wZyUMaQMLGTMwVlpiBlz5dxbq41Llo/vu9//ozNu eFohMTKSR/l48u34gzeca6ffIkOmLv++nsM4xAnvJSnF4ooTOLoyqqEjghxIRAkR BRrvLiy6SWKTuimpP0fhwGgGio7gDFP+nwdbgqXvx6JrEFCuc2rmHILLGH9CHWzH /sKzWekfJOXRN+w/m2aIRqJ0tj//2MLOYldxtX4G61MdhKgnGk/f9DyEuUP65+iu Kru4HMw8V+/OX5t+X0E02LfpKgMmOFKf3ZF00FvTLTOsi92ybBqw+OtuI+zY/x58 H9CZOTgqtreHpSiq2ItkUHOLIG5/d7oObop/Yk6ZvsYBsApXQfr+IU4WfdMaRstp CcNZWjXOX10= =Jy8r -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa2 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory. The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0Oa89gD3EAJB5AQJsexAAyH61to/tiXUbPHahnr2DdLqJPCkMKyZx 7t6DJRtvD1yBbOPNm+EaySBI7dAIZ9Gtt6kWueARIo9Kyu46Y4TfLpI9Kh8XEGcd 6kB+WO6Ps2FYktDPk0onhr4L8KAMqP05l02Cls7WCkxbc6feOD6GnlWLeIQDFgxB gaOph4ng1mbmniqBf7bIdsjM1wzx0T58QeNmkCBl3PqPX30GATCVlKwvh2wTqqAR 7PGH+vy47ueTXQgaoFF8NJR/25WhCSnRxBFgotGx+BKPWlE5tAxCC+AQ516md6nn ox+3UJ0tVDwBV/0gpMLoMN/oqC7VQATjEFiq/vaJDIXipqFw7BJu/qvFfP0gzWRz MB1S/kAPBbGI8TbV7ago5DM/w0kvtqFlOwYntQhcL3xu6FHq6Wf71HB1R2vqBBkh qrmPwZ6F3EJmbjwK0GNDzpqIHtTp6yeLGtyXsokbhmh68sCej4JemOgPGXM1aLCP pFJbaMsHEge3Co9h3TPoq7eXl1JFGOwxb47++/K6oFLvPNUp8f5SqsVtLPGhsGMz VGhM6XaioppOGjOAGKloyrYfJTMoKcB7OHjnA0bx9MUavN8+epa1s+CH8ViD0iTN STuvrv8vF+YsIOuD1oCgLLegPZqjNhZPj/ZD9oyvjim34bgoSynAUcY1CiVNyp8/ zsX1HnOZJbo= =XrBA -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa1 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive. The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0Ga89gD3EAJB5AQJGlg/+ObkX2XT38zQEebob3urvYki7B6X+ymcR XVObHxksGUQNOsHPmLlj/efiSeBRlr8tD8ZwH5MEm6A2E8R24tnxJJw7A4LxZMm+ TxWSm/eXu7hFQufWnsKcC/zV8G7pFyrDi/9k9//Gqj1RENh5EQQECBqfWs/cCRZM lNKpwY33V/mar6Qopf+YBuhkUY0vgd0Jz189S2EK5RQndwERvUrMTZHicErsupeb 5hFHP//pjDiu1JusGrU3Vvx+gIlKVCd13Aq1ancqE4EKLlBk7KIgZMnD6dfaEOAt YYCDBHVTkSmPYltEZ6d4YU7+DmT2fkbK8r3aybeuxRZJ0EWwIq5ssOkzZSgN18tr itAnftJwGVrOEmaAtxcba7Ok5+Y5B4+031cwRfxruML8ZoEX36KaZy3HDzwGY0su fuIRp6yucSVohTHgkU+KX3DXlzD/HpviaDdFwMscwyvtKo+vzJZVWkxaQI190B+y GwwDcIV1EzM58NeXzPtuiR8e2+hUAZ6F1D6Np1lVrVa2VyRcBdQ0BbMr6xuzruWN Y4j73bK/g7yBO3wXbFYw7vW7pm71jCi6oq1fI0M45XKJPGdAzIVhroCLepNAfvf8 F8pzscWL+8XqDD9NqjUl42jM1sxVCpYGLyVTeGuNdUSGtoKwqsy7X4MdWDcSZ7Wa rmhFNyj9Vm8= =kAil -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 Advisory ID: cisco-sa-20160504-openssl Revision 1.0 For Public Release 2016 May 04 19:30 GMT (UTC) +- Summary === On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Out of the six vulnerabilities disclosed, four of them may cause a memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. This advisory will be updated as additional information becomes available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXKlTFAAoJEK89gD3EAJB5gbgP/i8P9n6GNTj8WmRkfx9Iu54o LTNnlJ1gaOTxl4CWeeBAXre6LIJ0l2oMarScMchbI5uje7oxdR7r1jq1a+Fd3Xa9 r4YWfoWzfkO/77ULtxr2vHzvLCDHxpU2Q92heDCMU0ZdSvTguTQ65vxPeVuNpqnp mI9IKs86Sm9WlY1fm1goAkIr8ES4+vC2MMPXc2xt77Zq8QnLXVgRxapgXBdmQuOS ihwiTPNtnU8Is+X9wvZoalBPqYBoZr6nYTzTTmEr6RkhMugq5klHxUs1CMEdkDlJ 7m3eVle45BJMJCR3DXY9Hu+zzWHh55K6XVFBYL03TfaVPx1P7IxJdhZJXFYe6wP6 ySY+uYfIfuVH3KLyL/xBy1v3rotIKJtpp4/RSYRVk99zQvs7Up1dHfNkcEHNPOH2 YzSoIW+h/ykSDowLHLgx0NnHEHSOViTKySzZBsRsXXRNumHv6rXl3kfvT2ZHbAin d6SZ4ONMxNZmeF+0etG0HWPLA1bO8FXsv6Qi9AKrm4ldIWE4mKw+a5PNPFkmL9z+ Pkj5nmaye2y21hWf8AZV1ThUvYp/xZO9vEsked8r4qrHznUwWZsqPv1raPGTAIBp G50FxE1Z6Fxr4CuxH5nHpyzhF+ZANl/JeCOzQc9j8VzqW3nD5PzqLZQL9KGYUNq0 OfdMkykaRaf0jwlAvCTF =xju6 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability Advisory ID: cisco-sa-20160504-fpkern Revision 1.0 For Public Release 2016 May 4 16:00 UTC (GMT) +- Summary === A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVyAbtK89gD3EAJB5AQLENxAAprdyZgAuwqP+PyQ3PJuE6iLgyDDFTNpi yZ0UfoCjJ1BmSFkc/dbdhMtPgAuKiMJhIlgsH1N+Aq3rxxoPlvh33woruEJeqjus J/YqK/HRT+3oOzJTk9JklUqs6AYNgawjVofttsl3ITeshh8uOzPgIOxAUYSJOAy7 Ax6bwYDFNxP6+HuXT6QKU811WsPJ3BT3VebPw44E4drPoWkSHqp7j/Ga8ZFPGNWn Cx9rz8PebImTRjKfgan9f50n1fEIElow1DedMFv5uthsf0iCU9etDbOXBL/Plmk8 gbbqJJVQkPUdFiMHbF1YipX3uzmPLKj9APOSezSYiV1pksTRBg4Pg/Ytgrgao8Dk d/ipqv8I2XW0dnNdXwImVQ6MbZ9z68OmCR+xEbui6DEBTnD5SQQYO8fHKEJpUhCO WdVd5diOhdMvxOzq3kWPwlZ8wkYlukGT9UTYRv2nsK3n8zqR0/NdYIKiYtnO4wI4 67/8Wx/Yw9ckZ79VOaMpbkulrnDQ+DOPqc1r5bia28w4jY1aq8MdyQsT1xbIiePl euEtQXvqek+qHQQQy/dgMjNw7fivovo/sH1PXUEtXD3bnYDNhc2ProUcPr82JY9E P/s5sLXwG95kV72hJN2BwN0bS7/FU/OlJ3QtkiUsBTGor/ZDgIGPJHCLvdTxCr9A xQXI9bEKg3w= =Nu46 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability Advisory ID: cisco-sa-20160504-tpxml Revision 1.0 For Public Release 2016 May 4 16:00 UTC (GMT) +- Summary === A vulnerability in the XML application programming interface (API) of Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API. The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API. A successful exploit could allow the attacker to perform unauthorized configuration changes or issue control commands to the affected system by using the API. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVyAby689gD3EAJB5AQK2fhAAhvyNTmp7mzXNL4xtg00pF8NDKaYzhALp ekAzt50x6Sf8wSvdMUo9MXJPtpXyovCQ9N2L88hUxGh/dOUur9uQ9cB20EzeXYXX QAnRvkzyGXdpbYx1mmOTzI++wI/nlYQDCZyatX1HZQLGCSPAdHtoYZZIj6zaYHjD vk6nACe/KEaGw3+4VHbRVMS360/A+zgHmxOgzxxZhVlZot/0UFbl1Brd3YmJaejr yYRwcozu3eoiOLScNS3dm4WSYpJF8P5rajxDUoYPugVu0sLr4dqBp9Y90c4CA6k1 kh7QAYGKTTc8LwToekx9QwE1QeYiTjsU1/xyL8NfwjJuMvM+QOdaaSmAecufnQzo fSRAMI8/3N+Ml+BHBE8u4OQyxp0nuBMdMn57+j71PBeu8MPvQPh87o03480Lro+o Ybsf2ISW8K7Q65XgxtPzULW7bumBjN6G19/h+sJaG/gQRH4i4s07AFDasFI+IDHl bktDrEKPgD9QAhYj3VFMkyiOtLlTdguEUOeZLdY2b42AFLSUBQN8G3dEn2kHnoL0 yWqtBERHX69KddYGqq01H2nIe6Z9bMKeH9lw6eyyjE3oe7LjzvH5v+w/zmgEqnbD euJ31pqYupT2Mxz8fAkTCf31TqDHKI+lmTnW+wRKWB/m+VTLoTAP8r1++Bb+Yr5q KIbMTNNqQrI= =jGEq -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160504-firepower Revision 1.0 For Public Release 2016 May 04 16:00 GMT (UTC) +- Summary === A vulnerability in the packet processing functions of Cisco FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper packet handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXKhrpAAoJEK89gD3EAJB53QoQANWskb8w7+58gNne3stwOPnO vWtuqUDXEIWn6rpcYOD0rJ4WGZN8EbEAO5EdlENj11OxH09FJYUxHD9V8QkUnLq2 8TOzPgyi3TITHAe2gH29US7QaiLxtZgarFtd26OKBX1tsqMUbDzcwhLFg7V9B5r7 XAIjP12OqWP2W0dtbritU4TBku5g6TV83Uj8CWLB7lqzoYKGzEZd6zlgflUB/5ej nc3xpoDC5oQwrftKE58Ea+tHIjCRkTL2kRx1bH+vQ2ewsFlvhXQ6LVR7c1zMBmAe xTuBN9SuNDt8KK9B8bBo0Qcu9UIBOKvNpPVWiTuhr2+SoEs5HLaEwyQQXkGs6yeK oM+IkuuHriZeq8T098hqOb+XO1hOTYJ1DVCRVpul5FUyMCsgg7+LDqPKJbuDORHq AizdNjIzc33V/zwNcIN9Y588788y1YDi5TTtS51h1slo2yOhMljwLL2IjTbkfQjE 5w/jqXSM2Em9U5ZPSJMW9b9MIdkFo48c7N1txCmvGDevDEQ5/RNjuzxixpeV0GeN jfYECZ/bYGn5JfCihWvmlL6zxE43WHnAeqzgTt/NTcLNWvdDQ6FTJwYUbdht3keY 8qIbyeVCkZg+QKBvW1ttgQoX1uYrE5Y2M6vXyhHHrR9FGTRVDZaExISI4QSwrPnG QfCvizSgZ8plD5iNahO8 =2cg8 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Multiple Cisco Products libSRTP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Cisco Products libSRTP Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-libsrtp Revision 1.0 For Public Release 2016 April 20 16:00 UTC (GMT) +- Summary === Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol (SRTP) library (libSRTP), which addresses a denial of service (DoS) vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library. The vulnerability is in the encryption processing subsystem of libSRTP and could allow an unauthenticated, remote attacker to trigger a DoS condition. The vulnerability is due to improper input validation of certain fields of SRTP packets. An attacker could exploit this vulnerability by sending a crafted SRTP packet designed to trigger the issue to an affected device. The impact of this vulnerability on Cisco products may vary depending on the affected product. Details about the impact on each product are outlined in the "Conditions" section of each Cisco bug for this vulnerability. The bug IDs are listed at the top of this advisory and in the table in "Vulnerable Products." This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVw6aV689gD3EAJB5AQLT7hAAnEhIXtGqfH9FEGyzLoE+NZ98c0TVnAQY SzOIo9NAVtEYuPSbnybPiqVnjQGmHgU+BI8NgTLvvs15rxJOSeI040rLBqZQfhMA gZ0P6t7fcyz5k0jXwbITxeFWSRFAOCkIwaUKfVkq1IfHeKO+UFFH0eQRFtMeU1ji Bos+0CJ2fpjTIZyHkNl6IcIPZDtfeRwN+xf0C5VdHk6NIRDfbXY1Tz/qqIE9EJIy O8Ml2yjY8EWAmbTzvSluGzeyXt7IvdmSwnNQLhHhhZzBmJKRqwagm75vftiFsWvy sycEVG9phmG3w2hubqufV4B7LeBSUmF7OPRi+RV2oH9pdwMYXoNTa87tXWs93tj6 tR8FkHfdN0p3EEVmY4RzFAEy5kw+XsIDxiCkioqCecIwbRTJ6JNdLd7O6Cq6XW53 G5uHWG7HMvkRHEhXsvRbiWhXf4klhV/0gk7OXQQ/wVpadXnqP2SeaCbg56NduRvr svfKPFZLsJ9M20J5f2sqWPEPVqPlxqV6Qr74Qh3sZ5XMCUtDWUVugMfgqH9emgil 8EVa2FMk0MndiLzJytqlNUkLUAgjXYEFitZ9MFeWF+eJQV17BZn5kkhnbQ/jNO4F d5dcBBMQBBX9VgNhNkse1kra5rRkgQFzbK9kn7ZL4yVRxIH9pggEYhEklymYkF7P p4CulSF+1Wk= =wL3f -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-asa-dhcpv6 Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device, resulting in a denial of service (DoS) condition. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. The vulnerability is triggered only by IPv6 traffic. This vulnerability affects Cisco ASA Software release 9.4.1 only. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF3DCAAoJEK89gD3EAJB5pscP/A82fZg0GxmGGZlQR0YGSC/F M1jaBmDHh1/Hofa0Wi1jTsUiEQBFRh/NzrW7PAF1xxz8oFA09l050HOXc1uqbwyl kFZn5/gnNOOl8FJ7E7Uq3yB1690XelnFMV5T86tiFTssmAHJWjtc/H/F/C8pate6 yNxm/ns+XJKODkgFId8WtXSiRm2TLSc7KaLSb4CiAy8IZzKyu1jXE7CNWvzdfi+y FdBR8nVdqZDW0VTJ6dVzYcWls3+wbcJAesZtAWJS9RhbV5hWlumOVmbJe78wMff4 ZBZ/qy8yS3xSqA2qjNbPgszJuhTwudNKAagOOpkPUxze36s5J3Z+LKOaPGHKWgiD rK/WVa7M2nD8N92NsOt/VQQ8D3KPW+iZ4UN4heQ8A/JC7/4OAc8bKt1cwkpspslX /r2ihH0grTksybKjTGwHus0c4fWB5rKGeVZagb8rEiYi0hbGAblruUr6ovFlhA0U 2gpgwoXtQSj0DZLzPRfqxTEAZ2reC+Ny6TqbW1qokl43sWxguNW9lfJPxU1G1ub2 vIKwxz+Utq3xWQ9wvSDQ8lT3mJTj+Mu4KQNC6YEzd6kxJCf8z6Bseg2JMJyTlMRh FADKRiamRkfQhUa8C6J4DQa4PFIQb7oVbaNBKuSKZd77mGM/+6L1mXF1/TGlnLgH VfzhOiSQd2rx3zyxsjG1 =nIGk -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-htrd Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the HTTP URL redirect feature of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of HTTP traffic by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to cause the device to reload, resulting in a DoS condition, or execute arbitrary code on the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vuAAoJEK89gD3EAJB52hYQALm85XJaGPUEVNKU5qO5XXgS DNXebsZBGXOKiR+4Q/meIrsFfDwSclIXmyK6Xwecxg+ye2thqXyj9oOBIK1svXTb dDb1LixwfvHZGvpjqd38gF6xrzOiGARjuJPlUetWR7IqW1xLiD1Qvx0grf6HFyoC ASpUSKuBRyUs4rYvJ2HewGwgCDVqKWriTZ1ZuyNFkJeiUWRW8IyASkiirTYkDj+g +whHTjdZ5ilzD44aAhdWk+Np7GYom4YAjrhrRdW9kxkSvkTDwsKbZJbBLAXGM2AC GwqxE4Qltw1AbWEJ9w7HXY+SKI0xBhpsm/WBoOfO8kShdT8M0TMxSh8Fga50/C3v 2sZVusZE+3IpqY8CF/1WXYL85sFxNRXhDfae0EiiT1rZSO68zdz48GhuUBllpJT8 AVjupNOg3GWyhFuJzaUlv9sCZT6chwd/J2sRqTNPDelpaMCaLEY5oVeS6noheK1/ VQHAC5DwOer+LR5OmxdG+4ZQbxPSqgFfOxfSxe/pwql3YmWyzFRZQmGkhz05odNH ywalsvEhMJIcJMl9kF4mBLji1hUg6D6XxpxGNEMpfPimiEAQWvKEb/YkC25YtIeZ N9kR4sc7e0NIvysq+2UiIDe1QxdBF6SPZl8HnlYvTsVJ2vBKI+x1uN9dvtFXpW0p fg9E9sebxbEmxJCvhNFi =v8Ma -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-bdos Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the Bonjour task manager of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Bonjour traffic by the affected software. An attacker could exploit this vulnerability by sending crafted Bonjour traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vlAAoJEK89gD3EAJB5clYP/01GkHljmtfoWydE9FD9FrAa /1gaCMs3t6XBpXZhC47V0ykYOLyW2I6eA7J28IIOa9Ujpqlxz2pIU3ptcBLGVVWm 1Zpjc2MWQF3v66DPtvfL7Wr0WZxaQXYN+WpXqcTOkDd2H+VlQRHMzKWYDfD57esy s9KL3gActveVDV/51tXHLXlob+9aaK4aeHzKr13GfrvL55k1T5Ea4670o03lqbN8 Dp7Smlu3MhowJEF/e4HOcBxKLZKrh44IX1M3KMkprvp8H60igP74atHgQg7ZwUym db4DqjMFsyXuMX8m8seGI851OsfxYUi5sRP51tAolBY3EGaWN/+kbI8FCp5l3UN9 Ezlwmfn7er8szbaJ3rzE2yLChyAyeNwL6+SSMhqTWvUfmmwmyP9/OHRGaO1S38tT OEELsiupGh0e/G2FVom/tqzm9KBK8IDWl+JgR2fRWgJjQQkGZoCFVzAGX+l+vXEF lYTlvt17JmXzcozEcndVtdOhOiQOFlOABr1Okor+e5vGKhVfC+9bYCq6hAU2fzH7 Wb5fb35cXXUoY7fJxmLwUodMyjEC/7ZueggmLgQlfyR75d6jnX+VPQXXBSamaaeP peb767C7f59ppK0PA4XMy6z8V0d741nQzJlHBWZci1tfnQvDy38NX1p/+HoLaEGS ERe2NvYmEe2Zt/vZl+b/ =wyDe -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-wlc Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the presence of unsupported URLs in the web-based device management interface provided by the affected software. An attacker could exploit this vulnerability by attempting to access a URL that is not generally accessible from and supported by the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vBAAoJEK89gD3EAJB5DyEQAOZXYD8FI8cLQMVasgCJ2rv5 K8kiwYTZ6RQj0PgdeTk4Ed6UMbi0iT0XYt8E8lo73TNCEm9mqN9nPCXX0Kxsa/06 +aK1yDgB+wxbbrvQ+JNDO6GHWzcjB98giv6lVN8dTDzO8nEP12q1EvV7xKREc7Tz AJ2xTEOWgpTPEwDG0NxA5ihsxjtPRj52w1m0uxJladV1VFlvfGqmiA2NK7PdRUjz +5FpbVNG/fBzJCkjQQPjyZViYsAPaeRQnQMfIUov6D7Ta0RYWe+qlSwjmfElR8Pb BdeACjVsCEZ+YLrQgsyBXZ4MVf8+CL4VdC4M4vrRnxWqVatqdUqNVlsGrovyuVDh PijWM0pmS/yk12M4KIpjPzPlwJbC9vs4s7qaJXaP+94YvtJwzGAuT9LrWohMExfJ kQmmCn+Cy/TpX4qMzbN0i5+n+at9KPqHRdSHlnqCTY8eQkxOhY3vt6fbl1z5JkMh vvq3C9nXC6cQ/Jat36MmXRI3Ky++CzZ1od9joRb1kRAijlM7ZF9hjC0cqsWNX9O1 4XXo4wZ/VaJRUWmSHTMsjY2Yk8ccq1bq8agkOQm+sSBvn36LVrjKpC7ZZEIavnwt w9A+xLOoVMffa8QiUnLzKu9YuztfHmpWt9wsalhBwaAxeXtxNKKh8GUUtucDo6m0 fclgfYYNyMiUShiD48JD =FKA2 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory:Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability Advisory ID: cisco-sa-20160413-ucs Revision 1.0 Published: 2016 April 13 16:00 GMT +- Summary === A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXDnP/AAoJEK89gD3EAJB5ebAP/0ebMx3m4efcj7BGwzX9S6uH WH5kJ63/MdIl1GOHme8YkVXtkMMgfGTmSEbZp61OlgqDfUiOBd9aJjnX/vYWPvBo arI0NC2Bn15/q3fMvFm+Kuhbu/a7pB964f37Cn5xmTTT09gaBIM8YSUf+rE8yejb nqwxerngGyftSrj4U0v8ePZlOAQZptpROYxpJVjsx2PcLhV12jVrCPJnyHjAQkCZ Z174n6H8LLbNAb5DQBqxzUEK6tmUrHG4w7AxtadnWHGi6webotvO33W+enAz1/hZ w5FjoiE9Q4kQMCR6CoyltsQFgBesT+e5D/ujrtCvhULAUXhGkLqCCAITxknsUcbT bh34Er10+XHTC34DlNt2iWZTZwuSuvfNcpDphuFmVffHaG3PGTwOnY29y1sxw1qa w/YO4OzXfTEQB9vFlp4x5pFTriAqkg4aqmVJ8s6Xek8HTv3TUFRLlCUd/KqExaaA 19jgZkeJaznipkSeIf2Ez3YT54B0bIS5hBy2qvvjUbGLXpb7FuMX4MU+rg5Iz/Pd XzA++8NJS19Bfy65qFRNeDfWInSXMlQY2eN5yGRIg9wyO53FVuCFbeNVNSZJyS2d ISDIqCz2mxLZsAlhubat5TltLkimFUCtQ98IUWKjtUvTeUEPks4W2aLyU7NSlYI5 si1jM2s3eKYkXAN+9fSL =B6H0 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160406-remcode Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be used to conduct further attacks. Cisco has released software updates that address this vulnerability. Workarounds are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvwW1q89gD3EAJB5AQLU4BAAyVleGTpbOO2B2/XM1NBCcB5qJ5K/DrSd hmyLpLBt7AvVywWTT44ofYUusDvz4tuAYOKq0GXrF8mvJyEP0L8xTZgKzusMb1p/ WxXl9PiyX72NVdJGT3MArrJrq+rMOBVzArU3ytAkXpVWAEU02XRwEkrZtYRGW0aV y32fCOl6kNQTwB8eIX9ncZZ1tsRbpQfEpYoBPuRJ3JYqNb6r32YTbXRsiJV5RWTI cxDP685HlM+07tx9VkGha3K0jDZUMWAJNmMl9mmYIClU4rVnwJa+d5vupCYJM4b5 7C270KA+5gkaJ0eadoR6Cws0wJ3661x5xodL9NR9E8h7je4d1aI1R0pdI8slaLIL 2doba85zsMZskjrxd12Ge4oTwYvCfC9CthhRKtCp+MNeJXyBIoDBFEbHMTmD7zTq EKK38udpIYR8+XEetWhLhDdVX5bw/fvWDjb/CVe5bTJ9JihAZgAJ+l9tjnK10+lV M0AqJ6kTG0SBlUKAxZ9gy3STcg5P8Ttil4FV80WsclGCAiNl6myUIzCvo0OhERUC gVuJEl2VODOADi7iqXV2vLpyz5cwgGgjEJ+2oUMHn6jycBzaUqzknbe+hYPC5pn+ NXWTakXyo/8kGrkK5SbU3IsZAWIiOs9GBS1X4GWfsTbrtl6tUxjX9Nix91xNp3zu 4h9eGOzLkus= =z8pz -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability Advisory ID: cisco-sa-20160406-privauth Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +- Summary === A vulnerability in the application programming interface (API) web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to improper role-based access control (RBAC) when an unexpected HTTP URL request is received that does not match an expected pattern filter. An attacker could exploit this vulnerability by sending a crafted HTTP request with a modified URL to bypass RBAC settings. An exploit could allow the attacker to gain elevated privileges on the application to view and edit unauthorized data. Cisco has released software updates that address this vulnerability. Workarounds are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-privauth -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvwYh689gD3EAJB5AQLLgRAAg4xrATdBkx1HDJ8ayV+Y56veWjyLj+HT 8/3ZMHYiGthZ0/auH1Q4iGA6A9D1GSoVPaIlpnyDa7FK7o2ZYhk+HQ+6rcS3axqU WJmU9Lirs11MResMOJzSDzxgAeGcpW2baLBoYsMCv/LceJNEN4Br3SSG0LNWaVhm kolE4HXJHsH3BXiOX0gx9QIOO8DYc8CT+p483qaYpj8tfH7RbMl3q4pcRseFI5LP cNO16YLRkunlD7CgUxRleU2540WJr88BIFIL+qSSiW2A0uLiZ2jPd7Nsgn8U8/Y8 djYUJ6j35ikJSbZ6pUp3O1+RsGuf6YWCXDuE+xCnwBhIsvVPOi1MaZS2YM9EqV2I zouPHVeGG3ML8mTKscDusHqBdT/NYgAWBVn+wvV1uGo4/eMdEzGUUOj/ucyl80Il 4U1hdJWsbrcgEQMn85a3BRDj/r33v3XEXAhOvuoAJMoBZn64tUFccqBlMuyNVGg/ EYQGLL+F/OxqZgt5efwYrnQtnUJvaAHvHPNvSui4hEEMxUJ21lK5wDsS6AL88hZE GVAF2dNTem8Xi3g3+q5/6V12XLdBJoLGVbO1BqYTBoCQrw9J8dnZzXF9ZSFQlXoX a3qM8eGytch/+GpZFIQEOyT02dZJ9qnKy+PdTNV4sHYFDuCLV79ek9Qs4XlOx/kJ d2vFFqLF/Ug= =ICvg -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160406-cts2 Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device. The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability by submitting malformed STUN packets to the device. If successful, the attacker could force the device to reload and drop all calls in the process. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406- cts2 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJXBSEeAAoJEK89gD3EAJB52JIQAMfj1NBNDPnO5Aaxt7q/WF09 RN1RVX2VCbk48UX7OyvVZ1ipj5aLoi9S3mV0k7AL+VsYpdW5XaLEbAqCV7vTmM8o 1FfPVVeWdnFd2JTfBOP7lHwJ1Q1p9IarlCAnIUIpPfJ28V+XKGpgsI1gioZo+6Gy oe1dXmbiBXOYyNyZSzWkS13ydZjN9lFWHoN17A7vslHaD1mbkoj7qSL0gzmpk8+p FDycKFIVDqKU2IfmFdVbDNDKUvuFmTSgdOx0cB2BgHuM+K6ftR1T26/cQbynFus4 jUbKQZ47019Cdn1YCePExn+ojaiypvI/a4JGRstiVtilsm3ulw04GiTRUgKVp2mG J04CEAYnxcIqjZZJfwTP6AAOW7QjsSMDXvq8PLR8xZYgRqTlD52I5sdQCl41gpv7 v1EsQKiOXVhV+79pJrq1IDYWB7FDkMAV9WDoYTJCg9+ijPbkN2HCtC3EOvXCC58e CDHlybCYQDbp+xX3oZDTx5j63fLNeybxdYP5poBOLzlWgxClfX/6DcaQ11yCCTsW Mjjp8WBvtWQGDIX4KvUbUxijGhn2aV7bw4yFcdj0Gd5P+hU6VEQOmY7D/IoG6uu4 7nlYu0U8nCadZIW22KL55hMwUSsZOOZPEFnOTAfQuNOY2O2+PUWQO/quSUJXG5Jw wYBRpLBK7sHzPl9RzBPx =UEZB -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability Advisory ID: cisco-sa-20160406-cts1 Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco TelePresence Server devices running software versions 4.1(2.29) through 4.2(4.17) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by sending multiple URL requests to an affected device. The requests will eventually time out because negotiation from the client does not occur; however, each request consumes additional memory, resulting in memory exhaustion that causes the device to crash. If successful, the attacker could utilize all available memory resources, causing the device to reload. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406- cts1 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJXBSEYAAoJEK89gD3EAJB581QQAKhG46xic2QPHtFkdwHSL2YW EF9nGj7FpKHFSCgvDFG+cQdYFmeknvnoUdBwyP7uyQ47sUdg65hyQEDXZi2PrQIx PlxZ/h03VXcz/S5H9qFDbCoez5BAFxA/rfdzYWGQPwQs4SxPgrK5Y4Ybkv+HaiVk Jt/wzJZGoP6HyBntzs4EByDbDFXo9qtmU+IhsJnC0PULT7M0AItzABBlGPcIMuaY wptbHaCpB9GXNKXV77Q4C7snqx1XJBpcWuegDe3qTkb3Z+9Bke6h/ZXUN9ntAipS rHt+fmCQ/ZJZgjRiFUmGJ1Tn3gqzJg2sM+BBz7e2d1wlEjXsKAnm1pahj3/xD6gT z8w+4Fb2qUy937juTogT3vBVbZ23TCs6u8Nb3CsHBwDIa595lD540nC8BeS0DQQ0 D/oahFe8GKA3oV2txcsdf34JPCOq6Rt/yzLZYeZWnDaiyRSWpGk0BPFdWzak3htn KzOu/BWiR3BkTnCCk6n3xnp202dIIy4modS8/LSWW8DUGPEpabXQSEq1BBQXpvtL rKrapwWOxi4PyS0TGZZlcmpyJQHjTAx81gxlwRPZGQtFU5Va+HkpDBfVCDEQE/0B Cyk34VQFa5OK78feBYSn7zgG9wrR2er8uHgIKI/Wb/pQuONu85FHrh54lHdR4jKK rjbrd+a06J8wXEwDEoaS =uw3X -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability Advisory ID: cisco-sa-20160406-ucs Revision 1.0 For Public Release 2016 April 06 16:00 GMT (UTC) +- Summary === A vulnerability in the implementation of intra-process communication for Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH private key that is stored in an insecure way on the system. An attacker could exploit this vulnerability by obtaining the SSH private key and connecting using the root account to the system without providing a password. An exploit could allow the attacker to gain access to the system with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXBRJCAAoJEK89gD3EAJB5muUQAJIURzgd5bW4RE6IG6NqznNq 9zL084TWr/TE+lg+NgMQBWc2WqQmxm0+pZnBKpPpmTJ53Lu4yxs0X0ugEpO27r9d l0JVvntCUBwhHogOSCrZCRiqMMMRvC1rj2iYsKIy8khfMfe8/CMHhz/oau8IuhfM 0E/AUTQCTtX6shy0igKXQ6AlX+VZPXswJVvmVdKPB4HOX9/Oc3pPGJ1qOLn+TY3x mAX1dgN4tYqZYnIqY/a9vkBOm/8vd5otW8FgrqrY288QohY7ixoZKEBXPYtAYhWY cmuJjlYgXAJgiHohdEtTCI9biI37+sRURX2RALRBRIKohCfflYpOlVwyczCBNmoS Hx8Y2GzEP8q1BYtNWWekYY9hlgFwnKh8q3M0YNxQ2hW8iOLoFdEnMbIF8YMmmTeU g3HF7WhgDXaLFPFzlT2HrICXvGLz177vDVocEugg4ygbo4Xd5MVZqkfsN1xUgAuG EqVnhoSpRaA8syCg96lJ+dN8BNd/BZKaFWXkN22WGWM+vR9No2NwCEAijiI/u6bN 6S1i97X4UD/SKPUDSr0+PSzWuAlva7vT078STrBj5FMm3JSbT+Q3SbbYQEE98esf hOOV0gOoTh2fkD1eOzZKK3jv/PfTykjJqrfhDu4D1HFvDYL3mScfovXsOZwYtEMx xHRnUExXIaFVEtEth38e =zNe+ -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability Advisory ID: cisco-sa-20160406-cts Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco TelePresence Server devices running software versions 3.0 through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel panic on the device. The vulnerability exists due to a failure to properly handle a specially crafted stream of IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic, rebooting the device. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJXBSERAAoJEK89gD3EAJB5644P/An6qNBuF8NJbf3YmheKoOnZ qdWYOg89Cy/lvHXTiGshZvcahV+T4pwLKVsn40hl3H1Gfp8sOr9b2KIR8MC11jas tSZ2BZUTALhUGJ7l/3DDY2pPajpRkvMlo6BTOKhewpcKxSb5KtXn0QKsQXO/0ipz a0XlrwSZAMsyWQ9/KE3TR9LoQGZ0yPEBUJFZCP5WsMosiFGQGMp7WVO7y6G0L9J/ 9LM9qZHpbi8m01wIrRigJMj7kX/6eFOdFveAUHwBcrThknd7WiaWiK0EdzvYr3bN FbrMub1GFIZp04SaW34r+qK/Rm9P1Bku/+T38nxvAESraKG9Dumj47h3krU476UQ oSxLvacQNnaNBs9kuBFckYLYV7RneQ1u+oZq0LAZaZ6+tWdmC0Y6abrsJk3dupnl k2bX/F3UH8B5h6L9PJROcofuRtmmhOWRklK/kShlheZt/Vf8Wig/yHawRC5on1Iw QvKOWY7510U2pj4OhG2YyZgX1dmJ0neDTul6hJ39uSOBUBm7LYYy8efvqRB3S1te QaodRiaQU8CdbVRDTt5N+5qFoKQ70Ii+2HHX3h+WkMl6oVEpZ32rmn5QvbZ8pS5Y Flnli00aDIVDrxXInqiMLAig4yKKxT12uMH8lX9Ta3tyXSD3PG9QwYXbue1exwwo uwizbTaFsnwb9H5vyNUG =9XH/ -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Firepower Malware Block Bypass Vulnerability Advisory ID: cisco-sa-20160330-fp Revision 1.0 For Public Release 2016 March 30 16:00 UTC (GMT) +- Summary === A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input validation of fields in HTTP headers. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvKwFq89gD3EAJB5AQIjFg/+MHsKskM68q7HIhF7EB6yN3Pjau4/1bPd 9xYd3UJ1bh9jmrObAlwEIL+P40WUKQCO23Z/66opMboXTBSMLrAe1/2xMevx+6f5 Gkl8V1Ew0Ziona0DE3D3vtdPTmnY19KRpUwIMQbYsiKs2SaxoiX04J5Ny21+Uxvz xskTGEW0kX7HpZ2kWODmBTyLJS1/59SJ4WNt7Sf57FOsIZRg8tk4de27yavaVqbw eFZRYRYITnW9Ks231NhJJErM64qCis2r9yNxU5tP6BbL/CDJNbcsbqXif2t4pDCZ YLTm3sIzfLpmz+YCWSNwcc+UBe34ssmV8zRt3O51mruY7cWKycanvrHq+S9xURix eVoaw+PWZl5kI0RMqQhT9lKR/INXR2Ek93KNPOJXYKuEk8UJA+mVzphUVJR7tifH +iPK7SEEPASodgE5S2lP4d5iUV6U590eUABcfSmtbCP1a80lHpjXQVmjqIa3gnEm Byab7fxjDDGfFcnMdndWyJhEULPgIo5BCg6jMCw9SWvK7u+rSqpA/VaVc3UnvU2K xBTSm2DKd1t09Fo6x1rk+mLOhZ+Ch+7JLCcJxNJe9J0+a4YyuHE99RgV3WmGqOb3 Kx8ojX5yF6KqT+K4pZx2LKwL8rp+r5lZu40EIz0jrFGhKKXftLOADWqMbFwZOxKR xUMD/t+aY6s= =sOTL -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-lisp Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Locator/ID Separation Protocol (LISP) of Cisco IOS Software running on the Cisco Catalyst 6500 and 6800 Series Switches and Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device. The vulnerability is due to a lack of proper input validation when a malformed LISP packet header is received. An attacker could exploit this vulnerability by sending a malformed LISP packet on UDP port 4341. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5IbQQALgBYRKsbfb0HRq6PwrX6hXZ YSGvdheiu6Rk4qRM2xGrM0wX2pzux7iEiP2j9Ts9bhCs6Fhkh7RDWdSN06p8PzOy pxaKtqIDnG838mhhDtoGkKB2LW+KpMK/5LxC5vWXXhYJ9BqaGZUXWUQQOgPfmfVP mkYUwc3VrvEOfvrEE5DGgjrNcXWb6WzJPEyDW6icTOftl5m1Rx80Jstf9aPx72Dl MYA7VuzzeBb4jl4E9/QyOEXw9m4l0cuk98LLlbDSu/Cn01hEUjLruWUubANxmxDk IZv8hk7aJcLUQd5J3Go0YYZWWUq9rvivguO7wzlp7bXBr6q/XNieFqZl0T6AMuBz tdA+FYfPbkbqNnbxodcSzphICVMFHX0SINBHVlstMfWzjwnHrgipa1NPDEBLDoxk lglefU5zDxlM34Bh5+HSXQlRqLqfOhoKpStUX00DK68LtovElLQtfFRswmFtIaMK aunBRXLFfA1rig6s2kPC6eyovYGPaph/744EfXcrSL1h5VKEBhFCRa8bDY7TpeyV ZgFDWYA6vE0goEbHGH9f3L19NNrWD19t4IqhPdPkukgMZJixjU73tJwBYxKDwuAZ lsvyK7iJrfu4zbzJ7+Cr16erk8zxBPWgT7KqDwU+rxYRet/Q7RxhNtwOYbWZfoBm OhYo0ifUMRG2+AMJMsZI =v8Kq -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-l4f Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Wide Area Application Services (WAAS) Express feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of TCP segments. An attacker could exploit this vulnerability by routing a crafted TCP segment through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a denial of service (DoS) condition. To exploit this vulnerability, the attacker needs to route a crafted TCP segment through an egress interface of a device because the vulnerable function is an output feature of the software. In addition, the WAAS Express feature must be enabled on the interface, typically a WAN interface. In most deployments, this means crafted traffic must be initiated from within a device to exploit the vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5gd8QAKIvLg7vwXD/HuiRHNVVG69u rvYEQjI1/fBYFUOba4oX31JcMvgSo1+SLDnpXGLrhnbE0+tZXUcDatTGARsaUYMs 4sC57yPf8gQe7kCujGf1Pkc18nF3qoVNKVwsMIpvBKLWACEg5QCRdHRWu/wJ5XhW q/PkwC5O16gtNC7CaQ6RKO2tnRJhvknJ6xsOii9YA7djSVVZw5Tzqnpvi6E5ztn2 OTFKqRq42h0WS7i2FPEcJlZVrGclrh2dRczlSFjzhK+VeRgLAYEp1brGUwc02KkJ n9QWn/B1tlfm1Rft2mGFyggpgVvGQkCtsRZIII8ZoFOHwXegdFF7/U62upj8u6zf T1JrtnAdSCGkRdVjLXH+VKdG0+Jgi9xqXrjP7XC2xsUxhXl4WO1gzKPFD1w8zrcA 68E6aN/jFIJbXDEMTZRRKnoPCt2cIS90aPfukDNA/6xXx1j80+NxWNEPLE7MSgpy woj5zr/1wEsb3ndjXkEQpxLQVeRr3nybrRpPEYVnmwRpZRq4AsZDYemv0i2i9frq R3CB4vMmdah2A+jZXImMIfYt4HHLcndbYgCd7+CtfXdnLZugoKaIG65HYuRfImyJ ND+ERscodpJo99ojNETIpwtraJ4VvDkqC7Mv2cuWBVJG3tD0LOmSJs+HWOQuxtxC XDxVegi2KshtmhYIImHY =UTvK -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-ios-ikev2 Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handling of crafted, fragmented IKEv2 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2 This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5tHcP/1IOH5dlfWMZD1qNngUnCWzg +ck1Cm1V54sMIDvfjFANdElPi8PI1nFnJ7Nmg6RIN33F5RiREIKy1CEgxAS4vIfB XkgiIGnLhZ+St3R6mgVIHhg+fMJnmBTvxoKwEp/YN1xjNFf4p0hm8B6+KCu8lb0r gDvzxzLo7KZAABedlm7lpqAOIRMPRxA3BApzqMtkIUD9nHLxxWUZWf1jsD0CzQga sFMA8HICaGA69Ldh4YIjC/wkOGrstQIdLNB6EES/klriXflD5p+WFb4zIBfy6CK8 WKbp1QOuqRvkGJRwvAXJ8HgS+gkA+jSxFH0i5tUHR2OvJYm9IsMhw2NJtnDLXv8e UECVlkwslVzac5pGOnpVaK36QYeH5ZAoJuS6Rf6u8kqI/u9mS6qxQzgmZqCWqpkD LAbExAmPg9mvLU225BCkhPs+8Uhbcm45DDt3IRLcCk80P6dFPXXJQ5HVKFIao7MC n10+crFbtAx5Pcs2pFARYD+n2QPuP6iYsh90/BAD1VLWhJFfRc7JbAeHPmai/7RH 78ZGClwqY4ApMejnfnpOiH4VOqApPp8erCdm43Kl7BgVaS9W3Ln9vpipZ1jnxkKq psyLfpDp5ffN/hkO7XkTEOmPK0frypBo2MvcpmAKUuJKhwlGnW5Fc/48s1YoIjRk JlU3J3x8YkKFgxVTKLVu =uD60 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-smi Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling Smart Install functionality on the vulnerable device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU7AAoJEK89gD3EAJB5q20P/in7eAKdRpzbhxKKTtgTdB1G swqyajq6ny5JYarnyGUewUsHDViY5+Nsn1LHoqZR+FTONcTbdPVAK7Bg4K8Zlyzc YJoDN6mBrFt4tBAMQ8OnNUyykEQOj8sLWNp+vHJXNQfG9DkLBPNexTNeUXnIUIJ4 ErLfEhP42PAgnh0LQDv7KwcvwFEHuRxmNgvrjSmBGCujQLwRWuIDIQNglJ3iM9Hl SsOeKbtkGuOSd34hfQWER3nUxckNexR7vheFIdG1FAXluwLH7LLYx4UngZtneyIU g/XDPBZ93kvE5BGxP3bXGzL8fZKRgqzO7y9+nk+21wiCKgfScB53u6SRK8zio6oW LzrJJGlJf05Oj3lBACthDxHQMB0K1gSOFfAH88T4Q7JcTqEglL8Z0Wt/PnYkkh0e m97/bhTCoq6s6kWOwd2y68h65QVkHzizkhR2iqU0ZV/2sckVbvsJKHcGKnSZp0si qsrTrlm0jcGD+PGM1f1oGu6C6buzyO5ZcE2RXRDllloVaPvwMnh2CWvrJpBDOsqd qBXyFBiuEBGkUECroOEnBALNiIZ/n6V87rqBKINQWq4XQqiO0+Mqn/QBhCPZfv83 ZpAxtGiKyOnoMKS3CNjRJV/+lRH65Oy1f51kmFlGiZEaYnZ3Mqq0ikXVO5SNKDQR 1ze7mSr6cgQNQphyiDnv =joeO -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-dhcpv6 Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 relay messages. An attacker could exploit this vulnerability by sending a crafted DHCPv6 relay message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6 This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5YJgP/RY7X+TuMWSKKRtJq6W9c0J8 ovaSUjvYpIdKcp+8JtLlxjn1+PELJkDpFKVmzmzK5S1WDdaBzpjD0edH7b+7iK4J t0Uoz9tr4yBhkoskCRTqGopie63xoqScPYMHaKTTO8lo+4znQt2ykylOZRkDrdGH dL5yX6KJ68adEtj7QwyDAb7ZD9mEEEjySgtJAnz8u5KuLNJT3p6hRLMMJXkD2wPC sL3sD6wi9Ew92hkLq+BQ50qL7kBqGJb4F+y0WmkSiDcrfi/8ZcVY1+cyElrQmqcK cG/qi2FbdCJKcIYIWo9BoBDHsBMuQ+R9bgu79YR1Ux4PnKdElKgTQdFUFnhPzRV+ lsMUkV6NHheW3YrqhkUKHEcZPNxAFwWiaQKFcb+eERbV0X5a651xsRH738lSwMke HY8ewzgNfKL1fPUsH0hGypWZzriOq3gTBZ96veVaXLzyWopyYMH3nw4XZxVeVD5U 07xLfY/3Sq/0Z/kwRXICF24qOGYhLuwLmKJtHyUMXF+YyGN82JwEupU2kY8XvXzv X/fdqjjQL4bN8C6GN5RUsb7HYzYLtWohLklektXWdwMSDw3Zjri4Kh8YjJMiyd8M feMxzIogHHLy8IL07xGnDPYFvGApq6G9hmtTikMANwmPtMix0Rd/YdCufeeMx4WJ 0sJ195oJ0H1n6Eyitkxt =gwyh -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability Advisory ID: cisco-sa-20160323-sip Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Session Initiation Protocol (SIP) gateway implementation in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of an affected device. The vulnerability is due to improper processing of malformed SIP messages. An attacker could exploit this vulnerability by sending malformed SIP messages to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling SIP on the vulnerable device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5EtUP/istyjPt7PTc/nXaKV89MRIl 8AWNXgip5FSt4hvMh+EPXHrZSBUeAUV/HTRhbPukRedLlmCLQ8a9arnMoUHgqQIW yZcgiOZNNHuI4hyM+x094Z9WTCFWvBGbAftjAfFPqH+WBErUCmbhAMzvrK98vfkQ 17ArMN8Jn4TtsASoSN6BbYT3NA02KCsL6F6b13XYvnGA6QmvWLAVaIK7y7zbLfZD 5Dmk7YiDjqp9wnEPZ/HbRcAsAKVgpv8MSHXJ4ShRYG1pblM5aLzCoOlsVlyRTY2H ClMfIX2LuUT6xqJpj1gjHNLsxfDZ+za1n4qNOKsBXV9qjl5Q64kUneQHckWCa0kN +n+7IYMvbVZh+PWaqEP6E/mt3ok5++empwxyhJE4/4rhrvIEgnSk1nynunoli8bZ rC29txodCYfFdilpS+fynwl6hWNymgBNAxt1YX3AUaIwIeYwKNvn8pxhfYFNBteJ eL1CzkNbpUVsFqfeH3iFekZ4J4IH2mZ3mU9FuEkEmlrgktCcluU7xCzu+hr9rGMt GDnlXKmlA8feqkMX42DnTLV9Ai6V31OOcoPOdPU8erKnqVABdsalesUWY65tiik9 waeHcGRCXNZ2PIFl/mN1fHEMvRqFBtLPD17Evy2Z/ag4Id1UuA4B/51JooSnn7QM oT4W50tYItvUS2QBOxCX =XbF5 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability Advisory ID: cisco-sa-20160309-cmdos Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web-based administration interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA could allow an unauthenticated, remote attacker to cause the device to become unresponsive and restart, creating a denial of service (DoS) condition. The vulnerability is due to improper handling, processing, and termination of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to management-enabled interfaces of an affected system. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-cmdos -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOlAAoJEK89gD3EAJB5zRcQAJJyH026GIx2Zntj9Z1Of9Wi +jGDY9tK3JKLJtpaNsUA96lfFx37lXvxCitevru4JgWoXgUfQzsEOvu9QYILSokw 1vGF0gSVdGLg2MQEN22l0wdaoLPZrxPUnjza7W3f+9nl3xQ6s+i3EgfI3TkEFasw t7ns5S2BmSp8qAoHSv+xdY30YY/DreFu9INsKAbPf0qgOssnyZnPu3MIsG/OUNXW ra9QHDrn37yIDNsaZ/qKyiP69O5u1eVHAFojFsfO8u0eU20GrAF0xYDydXHMi2VA 9SFOikOPbOB45l1M41L8JFH9KDoOVW/h7rh8ose4FoQwtu5Vqe8SZsHoEeEyNkO5 +va4yzkNt8fnDXNlftIy9SJLxcgZsXhqM2ljoYOE7dS6c8rRA2CwqtBvL5SUTBLa LCroJEEhhOKJMlZKkjMuoRfvMGyarxZWd8Gc9cR18mSvj4M+37XS5Km6wPAv+C4e goEcJprFHZrE6jMVG8MjafLf3UmZk+DwIjyGpQFY8+UDOQY13KFpyeogMA3c65Ob izn+fTBv8sygSVmYt0l5DMl++yDHP2L5MC88psvOzZYyLIgCpPki9Mz8ILM6Kudn zEFUmdDlvV8hR2Rhiwvh2iJN28qG2cpkvTMtXCXy/TFH6gx/TpF4Qxz70Wql6+rB zncLin8R6mnDXbPJ7EaS =ZTRO -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160309-cmre Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web server used in the Cisco Cable Modem with Digital Voice Model DPC2203 could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to improper input validation for HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-cmre -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOuAAoJEK89gD3EAJB5tk0P/39wydK60UHWXnvBw0CgmJeY 2Z/ScvcmkXjtVbNeD1c38JkmXlm383BS+K7wPpUYiC/UslDfojOB2Tx1/WYy/ESG b4AcOyYrYgpEieQH3paGWwecjA75FGvgu7xoByRcA5z4HlchDLs5m/r3sNRG2Pv0 ekYa9S1pUWhGIW6iPcbq7RVYPw9KF/YlE8Omn57bTNRXZ4B4QVH0PWPpSGG/zy9T VyrAhqFqCN8H45QycqSuz+4S7c4tr8Tz7AYfvL2TH4esdE8gdt6bG/j4erYTvP3v 2qSWDd8760vPStPsWdqhNI+kMYWUGmql1M4TFPfG1YEQ/QqS6axaKySKzXzrbf/j OeTUq7ZWm803tZDpbqSWHsy0qvqfkRoxBf9FVtSGZ/fb8qnM/7UINesd6VlFbIhx F8l1Oo250jLekfCEF+RY+P1MiWhdd1G/RCIa64bEfLENe9KZTfwatm1js86hbDbi LHI3SOtt68W9Txei007lCngBZbwe2QB66S49qe6CPOr9qopW2rwtiIyPL/FkbzkZ E1S9g+ScTYyEZEpjZSPNCA6ztLM4q2ez5dnbH3iGeMnviriU8FCkutQDL9x6lVuW Edj9n+nUdtn7JhpTMgspGrMpZsikYz02fuW9NxuzRK1fOSDFdKN8EBcCXHuDfhf7 ujCtz0djzTyAyB7q1FCl =su0m -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability Advisory ID: cisco-sa-20160309-rgid Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device. The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOZAAoJEK89gD3EAJB5L+kP/3k8pRmQQ3Dig29KOdQR0bP2 6UI3pty+tMylw7i17/YBXgpubxmz8hyD+q9yqTwb97a15BY7/89PJ/SMmAlp0z7/ TNC6OtuTYRNovT4uTs4h8LC04U0jWq9Z/caSeHRqn9HpgKWv+wxq0S3A5pVWYiSH xfdt81ek2fj6ZND4hEHUQoVNrWLDylhirbGcmTe84HkxUDeIyzivSlyDovfedijc 2hyWXl3DRD9UqoOEW2zVy74wn7BWANCmWXrlPxsyFfSZyMHsZlSGS5y8Oe8Cearm 6wGyGr3NWRHX1baLEIA4j/oeSiooWsHLGa3ja+Td8p/ADK1h/nlnwBB9GxOjJoCQ Dx78cf7Aa9UbyUjviSt4od2TDxTg4D4n7zU4fglBqODX0nw4sUH7Rylt7ce3ZzEL Jfgo9+W4JQL81SA+qdBiCpMLcgR+ChAALcXti4WZolOPt9Iceo9ahYPQe+VUbfLR OF/sSFOZHZM6gRPlkYhF6if9ZD6CZ1jgMjuSoWc/pAsiiRCmzdXIev2UcVqVnSTE nnSppYjVa3E4hKzR2VHQHmRtNYfTNTGVyM5VCHelWzscJGhAWeC6pLgyOPqySRvR hsC/XM31sa0E9GxmqQYyJD1gqDmwrS4DPtLUJkmv/3zIU0bbFkxAcQz9pSfOPHgC gfpjKXGVQFqJpiyuFJUm =rVTy -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Advisory ID: cisco-sa-20160309-csc Revision 1.0 For Public Release 2016 March 09 16:00 GMT (UTC) +- Summary === A vulnerability in the HTTPS inspection engine of the Cisco ASA Content Security and Control Security Services Module (CSC-SSM) could allow an unauthenticated, remote attacker to cause exhaustion of available memory, system instability, and a reload of the affected system. The vulnerability is due to improper handling of HTTPS packets transiting through the affected system. An attacker could exploit this vulnerability by sending HTTPS packets through the affected system at high rate. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-csc -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4CazAAoJEK89gD3EAJB5o5YQAMQYMbfDew3kqQ9ntfXBuySb suvOc20TJ+/mOJ+nbxa/afXaTh3wYIdgVBoGT8ekxGm4X5KZPVfJ5clV6HFxNRNd M5C+EFXPL3396k9ec3lipGGR2a4wzLKoQY9sKjeNyY3Nq1pumTTY3iPcltMEDfaN VM5FrRJIdCCKEJvoLmdZa7vLkt9O3aqXKlJQuoHcYmYcTnUrF8Lc9KsO/A3CMDLk EnTZrtXyiagNn3uB7nMYDiIwFMEFt+MJSIDh1Fr8Hpd/eRLv8nWetLvfuhfwdGmC lREb/ozJB9pDrutxVV7DYUKEEakFdxeBBxGGwcUAIOY99RjBwvPZqw08rd3jNWI3 K7DTYptb2cOCMNMGaaUO3Ei2u4hpgL//Dv9Ug3wh87S6hThKriMvtRNL1895BxBP HkNWrRVvJmczXo9AfY6XOIej4FbQ4Is13WyH/oR4X8vkuhD7ZcGsfQFK7e1d/Kw8 ShXr7bp+XhPBtOfKs4ETISZ9zREVlrKh7MKb4TJtFIKSIQ/WKXvFALWXDBEAueO8 r+ngNmHzTzpcG2laL8t/M2dxRKL6Dl9zK5LhsqbrgLHi/9d/iAlid65ri4R+hcao UcOfLsO+ag9gpLc4eeoJOFGy7Vzfss712B/gqW8DKXFo0yhf0YWBQeDTNO6DOpeZ hckk5kAkrcFSBoJowmC1 =K437 -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 Advisory ID: cisco-sa-20160302-openssl Version 1.0: Interim For Public Release: 2016 March 2 19:30 UTC (GMT) +- Summary === On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities. DROWN is a cross-protocol attack that actively exploits weaknesses in SSL version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol. To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. This advisory will be updated as additional information becomes available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iQIcBAEBAgAGBQJW10S9AAoJEK89gD3EAJB5NdkQAMtgK0CXafb5RAErJk8tL7gh ssAHSfxqIaa5/LtPKgUZokFGT+lr/QDsjy7dWzYXPOux/sPENgIQZlqwMfUEEw3w BHIx1H1KhJ4BFKAZTOMUjUmSQJv8rPfllekb87e4sK5+wk9JHO2azJoJ/YQlryBc b+DdHaltS+bptQ9uai63IVWz8ATDMtdCC7ZeA5lKcx184kVsbScawP46KQCHJwij IJZ0oCM9B6nagDMH75a53u7YIWz7ugs1CQgUSOoUOwdmgzNWEdohJ4uQL5epwHmY BDf1pZUMjemZyiP62aXQZnta6vCF0VLC2lrrWx2bfFOHfLQ5cv5ZcAS2CruzN0Y3 ox88g8xQSJkUYggqtzWsD7zuJYN30D59dsfWBxbAjEpK/bjcQnHX9+3oeRuyljBi L//EVLliYDTCnr/9+u2zCg42H5gsodEGscQZAoHLXvhDTV48/CaimpcISRyudTt8 8bIwgCvB35MbEcH2IIpzbIRjvmIt98CbxQGD5e1FGkBm1lmKqAoP77+h22IdAKh4 8YxN/W7qe0P1mVSfJVu5HYu44ZKKwhxd5ExT7NGCugJdEEB5DobXrsyu0jxR6gdq VCR+Tw2Xbk+Xuf+lL3cfUaMz+V2Bvqb1zVJpTp3i6ix3qy/Hwssp/bJctM4Cetka QNJPOHwNdCLuGkSqItKJ =cvrZ -END PGP SIGNATURE- ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/