[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Vulnerabilities in Cisco Wireless LAN Controllers Advisory ID: cisco-sa-20140305-wlc Revision 1.0 For Public Release 2014 March 5 16:00 UTC (GMT) Summary === The Cisco Wireless LAN Controller (WLC) product family is affected by the following vulnerabilities: * Cisco Wireless LAN Controller Denial of Service Vulnerability * Cisco Wireless LAN Controller Unauthorized Access to Associated Access Points Vulnerability * Cisco Wireless LAN Controller IGMP Version 3 Denial of Service Vulnerability * Cisco Wireless LAN Controller MLDv2 Denial of Service Vulnerability * Cisco Wireless LAN Controller Crafted Frame Denial of Service Vulnerability * Cisco Wireless LAN Controller Crafted Frame Denial of Service Vulnerability Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-wlc -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTFyueAAoJEIpI1I6i1Mx3QjIQALqJuwk1Y8YJAG+QM86XNUw3 aT3rlIPdAazREbXTX4VjLVyvdlfdhq8nQOjWf11ipkOU2FvGG+CM4fjk2Mz/4yUv YENEQLb8PZIzAaQh+Jk40DSVlEaNw6QdM5qg/4mz35BDc03TPMOos3W1wB6/erJj D8ml9HxU9+l29RNDkWeeatJUIrpL2jP6YiYdctBSqpm0KP4i5sv8DIMMWvMMqny0 D3rUqlLbYKGA2M6Ho9yOB7f/OF9QckDDqhkMagV1xPMF8ii+1EgLyTD1g33+6Hi5 YS/MrHiRr9g8n0NZQdcM3hfOTZc09ucw5/3iPqhC2H/XGVJOSq8w9vGNjY6dpP9s p0CiNmoX2bISLCzKPkfM9LzeFBENJjhR0owGeGpSvwCgwJ9n97Z9xUqfok+X57QA fenzUOv7dY508+ULBiMr98DWdx59U7fjX61i1Gl361+f8yGljSI+Cp2ObWKHy+gD sa+Em7P7rNUZ/lkzC7vW0svqNNiZioNK9t3SP/MjSUE2qSwpPVUow+FrnR3q/o3l B5Fi3gMxOwCu2pLFgIiIvILDRWU3t0z1PlGv2sF0QmXgFAtd0/aPRDmHTqJ2mi1N stGO/bk1nOcUcPdPLLOy1GQeJzLCR1ow6+FRDCu7BixGjZp5U3/UZtjwoz/ebQnK WCGLHbeJbNdGzOFxAaqz =LECh -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability Advisory ID: cisco-sa-20140305-rpd Revision 1.0 For Public Release 2014 March 5 16:00 UTC (GMT) +- Summary === A vulnerability in the web management interface of the Cisco RV110W Wireless-N VPN Firewall, the Cisco RV215W Wireless-N VPN Router, and the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain administrative-level access to the web management interface of the affected device. The vulnerability is due to improper handling of authentication requests by the web framework. An attacker could exploit this vulnerability by intercepting, modifying and resubmitting an authentication request. Successful exploitation of this vulnerability could give an attacker administrative-level access to the web-based administration interface on the affected device. Cisco has released free software updates that address this vulnerability. There are currently no known workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBUxdNdYpI1I6i1Mx3AQKOVQ//fDCH4hGeCpP1cWb2Huz9Oca8WqiDDzFZ yItR++/l1/vFnQpe7hXmuEt1g/eCSOgV7jF/ILCpEjGN7Kh2zF/uYenBX8t6QYsr nd/yO9gr82B/MwMPl8W5HU5jlpo+s82sbIr7X5TGv8+m3yTBLfboD27TQzkuzlZH EoaOd/UnCHWKYJR+ADjG6+HLPY1zvr+gcycsrI8eTPzZmWp5rMjhlNgApYTRcC7P g9EDG5qkkroEWufZpjC6ZX1KwE227WA8EFe0v34xlPjXYGdQK431qDK02QH85fkb lOHpqFfRGAjuVyIhp99cQ+bXCx1vsBoB9vul/L0It68yeo8HePnnAlnjNhEkhQZg cLAwZpEY/ndvcIjj03qfi/q9IFYLpjMrpaJhUJV1Z7Tan2gBf5u5ISlAvqqFIfgo U6X0Lg8nDvN133I1jLCpdpeUKVm19WXntx5oqo/5YWshdClfP2B7Jx7mKLv72Ff4 BpNMQCAXXfa4xV4YQrMPxUlcfwSs8+BVzMaKN0Ewbph/z6fbW/uTCTmy+D1Guu9q G2XA2/Hk7h8+O7gJf5OiHFl/5sHlGeLQ3HHN2+jnizOh66vm/Nko8wc7RtMSfWnh 0mOLK7HHYkPFvnZpLVEHHi7l1CcAHIj+qKt2ZX65I7GQgGWq76usZntIaiqAslij hc8D2np3qGo= =uInA -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure Command Execution Vulnerability Advisory ID: cisco-sa-20140226-pi Revision 1.0 For Public Release 2014 February 26 16:00 UTC (GMT) Summary === A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command via a specific URL. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released free software updates that address this vulnerability. A software patch that addresses this vulnerability in all affected versions is also available. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140226-pi -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTDf6tAAoJEIpI1I6i1Mx3NYgQALW6jEKLiPRD5IZ1j/V4eD5O nsjvGer3XNJVdp3BM1+KU4j/JWSSuCimZcRiZpRDvOeb5ecSDnlyRYzygMo+bsdV fY0PrzOBJ9JxCfWX/9+0MsJZbaBFX1uI/Kic/4vZRhTwE4VsQKV6fhO3drbPaTsT BlkePdhE7tezBoxA2Ek7IXMyRDf/fQOhJE1//INtxkAoig2jauDvQ7k+qSnE2iXq zZRgSCmm9y462U/uf+zWBbGkeyPADEHpBTZB1eiVD7bsQIVmi9iKIUgamCaPtLs4 PeSpwOgvCfA6YEot34HoOP1/XupqekXiWdRnDXromDZACUKe8QpQxVVN/uauaz4s +klrPDoiCDoDKV83LLPIVd7lGW0VzEAgMBk8hy06PGGRwqMSDBmRs8EyoRf2o3J1 nn/FVty8FGhd2CZAcnG8WccUcCjUGZNHKDe1Y7aIdE8b6hvHUgWEgOpE2o2WLZ+w Ivnlk8AQuJrKHmO8sKDk39BNk42U5+PX64bolo60RyCA/0yQ4wmBPFZxxx8JaFYT Vpq/dp99m8B1EpMnZpnBsKsNjMoNWvNhoafbpIRbqIBJx5+JNibmQajke9S+Ge9H SUXY930hKqOKXFFFgHKfoQHL8/P69dPi826VKeOCkPxQm1eHkSVVuJ2enQdkHRug hee5aSj00KvSKL/W1KUA =VfwX -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability Advisory ID: cisco-sa-20140219-fwsm Revision 1.0 For Public Release 2014 February 19 16:00 UTC (GMT) +- Summary === Cisco Firewall Services Module (FWSM) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to a race condition when releasing the memory allocated by the cut-through proxy function. An attacker could exploit this vulnerability by sending traffic to match the condition that triggers cut-through proxy authentication. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate the vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-fwsm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlMEtNcACgkQUddfH3/BbTqQ+wD+NFmMxteh3LtLTfRu/MLP3fUd 1JUZsmYsfWURrVRYKWIA/jCIeNeOrEZk3+us7+gkLQ0m8CPFzYtwmJv0WAuUz4nL =CKL7 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IPS Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IPS Software Advisory ID: cisco-sa-20140219-ips Revision 1.0 For Public Release 2014 February 19 16:00 UTC (GMT) +- Summary === Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities: Cisco IPS Analysis Engine Denial of Service Vulnerability Cisco IPS Control-Plane MainApp Denial of Service Vulnerability Cisco IPS Jumbo Frame Denial of Service Vulnerability The Cisco IPS Analysis Engine Denial of Service Vulnerability and the Cisco IPS Jumbo Frame Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive or crash. When this occurs, the Cisco IPS will stop inspecting traffic. The Cisco IPS Control-Plane MainApp Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the MainApp process to become unresponsive and prevent it from executing several tasks including alert notification, event store management, and sensor authentication. The Cisco IPS web server will also be unavailable while the MainApp process is unresponsive, and other processes such as the Analysis Engine process may not work properly. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of the vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlMEtN8ACgkQUddfH3/BbTqaXgD+NeE2RZeYebqQItuny2wwM75u aKOGy+hgzq4SO1Rd42UA/iTYBple0vixcw47mcP8QlnHxbLNNLvPj8RaD8Yktd+Q =mckJ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco UCS Director Default Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco UCS Director Default Credentials Vulnerability Advisory ID: cisco-sa-20140219-ucsd Revision 1.0 For Public Release 2014 February 19 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to a default root user account created during installation. An attacker could exploit this vulnerability by accessing the server command-line interface (CLI) remotely using the default account credentials. An exploit could allow the attacker to log in with the default credentials, which provide full administrative rights to the system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ucsd -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlMEtOsACgkQUddfH3/BbTrerwD9F9frFRfdIPKHUxFOVSdCWw48 nYMwynXoUtbiTFxpPTwA/A1wg6tWwHyIg3OGrhLzxoMxGQzBlk1QfxxaXORde2I8 =zBK2 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905 Advisory ID: cisco-sa-20140219-phone Revision 1.0 For Public Release 2014 February 19 16:00 UTC (GMT) +- Summary === A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-phone -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlMEtOUACgkQUddfH3/BbToAgwD/YVTgOAUwc7a7j1oWJqLyWjsi 49ZYhWjP2fS5b9hbKdsA/1STDtpjHVVhRv4AsS8AL2EenDZGj8NyfJPM9CEUjrUm =Ol4C -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability Advisory ID: cisco-sa-20140122-isdngw Revision 1.0 For Public Release 2014 January 22 16:00 UTC (GMT) +- Summary === Cisco TelePresence ISDN Gateway contains a vulnerability that could allow an unauthenticated, remote attacker to trigger the drop of the data channel (D-channel) causing all calls to be terminated and preventing users from making new calls. Cisco has released free software updates that address this vulnerability. No workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-isdngw -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlLftyMACgkQUddfH3/BbTqGGQD+KxXwskb8KhJfaOW2Z4L2KEOx UK/LObLc2I9fY+S4+K0A/3nLwJck2HZCZE41WGLchuuFcOlObwEcAOwwR7canYOQ =Z7JB -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability Advisory ID: cisco-sa-20140122-vcs Revision 1.0 For Public Release 2014 January 22 16:00 UTC (GMT) +- Summary === Cisco TelePresence Video Communication Server (VCS) contains a vulnerability that could allow an unauthenticated, remote attacker to trigger the failure of several critical processes which may cause active call to be dropped and prevent users from making new calls until the affected system is reloaded. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlLftycACgkQUddfH3/BbTpuLQD/QuXcNK44FBAx3wTjIHkBBu3T kguByH4A3S/8k0SiEZYA/0AWAbjBnBeP+2WR5dtyOWhbz977X6wv1mwSnFuwAAW9 =toYB -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability Advisory ID: cisco-sa-20140122-cts Revision 1.0 For Public Release 2014 January 22 16:00 UTC (GMT) +- Summary === Cisco TelePresence System Software contains a vulnerability in the System Status Collection Daemon (SSCD) code that could allow an unauthenticated, adjacent attacker to execute arbitrary commands with the privileges of the root user. Cisco has released free software updates that address this vulnerability. No workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-cts -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlLftvIACgkQUddfH3/BbTrePQD9FSpmHbt1k2llXblHoEoQrOEd 1G5+AeNJnwMANjUfiSsA/RtJM/0hpPgxhq/FekwVXg4FLeNCpfB+UJqEjAhezWzy =RUj5 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System Advisory ID: cisco-sa-20140115-csacs Revision 1.0 For Public Release 2014 January 15 12:00 UTC (GMT) +- Summary === Cisco Secure Access Control System (ACS) is affected by the following vulnerabilities: Cisco Secure ACS RMI Privilege Escalation Vulernability Cisco Secure ACS RMI Unauthenticated User Access Vulnerability Cisco Secure ACS Operating System Command Injection Vulnerability Cisco Secure ACS uses the Remote Method Invocation (RMI) interface for internode communication using TCP ports 2020 and 2030. These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the other. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs Network-based mitigations for the RMI-based vulnerabilities are outlined in the Cisco Applied Mitigation Bulletin: Identifying and Mitigating the Multiple Vulnerabilities in Cisco Secure Access Control System http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=32120 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlLWjpIACgkQUddfH3/BbTosbAD/VuzxU5TkUyAhJLycJHyypiRg fZpaJ6IZvX+mjLRTidMA/iYaghbeg9GGU1a9FlRZt+WC/BNaodIGGU35zzlM+Ztb =ffTY -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Undocumented Test Interface in Cisco Small Business Devices
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Undocumented Test Interface in Cisco Small Business Devices Advisory ID: cisco-sa-20140110-sbd Revision 1.0 For Public Release 2014 January 10 16:00 UTC (GMT) +- Summary === A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlLQN78ACgkQUddfH3/BbTqu+wD/eWfAdt6H8ltKyHE4DT8SkTPM j08MEAnhmkmuHjXSuwEA/0VbbYIOr1mqoOJEUbF3aFw7Veacwgk555uevEeC1/9b =V3bU -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Advisory ID: cisco-sa-20131106-tvxca Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT) +- Summary === A vulnerability in the WIL-A module of Cisco TelePresence VX Clinical Assistant could allow an unauthenticated, remote attacker to log in as the admin user of the device using a blank password. The vulnerability is due to a coding error that resets the password for the admin user to a blank password on every reboot. An attacker could exploit this vulnerability by logging in to the administrative interface as the admin user with a blank password. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlJ6S/QACgkQUddfH3/BbTpvJwD/WFsZrxKrAKmjuxaPITDpWlMY RyGikVNS4XpD6f5P7fwA/iwMBIteU5dteXuNSXolMd0qAOoZ+IfUw8YtzHWzKlAm =6h/7 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20131106-sip Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT) +- Summary === A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks that may result in system instabilities. To exploit this vulnerability, affected devices must be configured to process SIP messages. Limited Cisco IOS Software releases are affected. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-sip -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlJ6S+MACgkQUddfH3/BbTo0OQD/QYkqdRWe1T2Wthrd+gJ78hcu FqJ3qA3OytQgNvtypg4A/3Ekbsl6PitW3C93b0anTlBnyX8EHjpQZMuzUeJakkQI =qkpl -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory Cisco WAAS Mobile Remote Code Execution Vulnerability Advisory ID: cisco-sa-20131106-waasm Revision 1.0 For Public Release 2013 November 6 16:00 UTC (GMT) +-- Summary === Cisco Wide Area Application Services (WAAS) Mobile contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the Cisco WAAS Mobile server with the privileges of the Microsoft Internet Information Services (IIS) web server. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iFcDBQFSekRGUddfH3/BbToRCN00AQCADPIVyRY3IlQWUP8airNTGgvEoUSldfEV 7PSc77PgsQD+NAhj1b/5GuHgYgGGGB3ue79dG6wNmAkkb48RJ5Eehs8= =C2oN -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Advisory ID: cisco-sa-20131030-asr1000 Revision 1.0 For Public Release 2013 October 30 16:00 UTC (GMT) +- Summary === Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software Malformed ICMP Packet Denial of Service Vulnerability Cisco IOS XE Software PPTP Traffic Denial of Service Vulnerability Cisco IOS XE Software TCP Segment Reassembly Denial of Service Vulnerability Cisco IOS XE Software Malformed EoGRE Packet Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities could allow an unauthenticated remote attacker to trigger a reload of the embedded services processors (ESP) card or the route processor (RP) card, causing an interruption of services. Repeated exploitation could result in a sustained DoS condition. Note: Cisco IOS Software and Cisco IOS-XR Software are not affected by these vulnerabilities. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlJw9GgACgkQUddfH3/BbTrMlAD/SV+qri1wZW1g+vZJHrrvQXaR aWEgfYfj/8/moCIOQhMA/25x0feNJQYqWiCEobiPwbwYWdU0U3Pa9w8iRFEOhOiz =s6zR -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players Advisory ID: cisco-sa-20130904-webex Revision 1.0 For Public Release 2013 September 4 16:00 UTC (GMT) +- Summary === Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. Exploitation of these vulnerabilities could allow a remote attacker to crash an affected player, and in some cases, could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. Cisco has updated affected versions of the Cisco WebEx Business Suite meeting sites, Cisco WebEx 11 meeting sites, Cisco WebEx Meetings Server, and Cisco WebEx WRF and ARF Players to address these vulnerabilities. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlInNGoACgkQUddfH3/BbTrx2wD/XU9LdhBn7GBvGQKxvuSOUVkF g7eCKYNYFuPp/DefamAA/jxU0jYcOpWUG4/NhBBXUHOSIdJ+Qi6u8tIop1O1yLmR =SmiP -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability Advisory ID: cisco-sa-20130828-acs Revision 1.0 For Public Release 2013 August 28 16:00 UTC (GMT) +-- Summary === A vulnerability in the EAP-FAST authentication module of Cisco Secure Access Control Server (ACS) versions 4.0 through 4.2.1.15 could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco Secure ACS server. This vulnerability is only present when Cisco Secure ACS is configured as a RADIUS server. The vulnerability is due to improper parsing of user identities used for EAP-FAST authentication. An attacker could exploit this vulnerability by sending crafted EAP-FAST packets to an affected device. An exploit could allow the attacker to execute arbitrary commands on the Cisco Secure ACS server and take full control of the affected server. There are no workarounds for this vulnerability. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130828-acs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlId9U8ACgkQUddfH3/BbTq1hgD9E1+zaqDXuMB+3vutKxeVWOm1 SZu8LlzZCoI7y+J9fnYA/2PiBWLsMJULUwdntZGqimWru7mXOe8OSQhaYJSglW3r =6OJl -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Unified Communications Manager Advisory ID: cisco-sa-20130821-cucm Revision 1.0 For Public Release 2013 August 21 16:00 UTC (GMT) +- Summary === Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to modify data, execute arbitrary commands, or cause a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlIUzXcACgkQUddfH3/BbTpXXgD/WeFyThlNqzfx3Kaz/mbCYNSl nw+mLEosxsMQ0kwhTYcA/0p6XATzXcrg/S2fFfez3FU1NT7RuVJIo38TqRiauwyo =Yf0M -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities Advisory ID: cisco-sa-20130821-hcm Revision 1.0 For Public Release 2013 August 21 16:00 UTC (GMT) +- Summary === Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Exploitation of these vulnerabilities could interrupt the monitoring of voice services and exhaust system resources. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlIUzXsACgkQUddfH3/BbToJkAD5AQjAro8GcIhpkruiGl278xX+ CS9W9PVkb+XhNdiIJEkA/1a0hHJ7hOwDzddAfa5epKOMiXOmDZhL+RLW9v4yT2E+ =WTtz -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability Advisory ID: cisco-sa-20130821-cup Revision 1.0 For Public Release 2013 August 21 16:00 UTC (GMT) +- Summary === Cisco Unified Communications Manager IM and Presence Service contains a denial of service (DoS) vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Exploitation of this vulnerability could cause an interruption of presence services. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate exploitation of this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlIUzXQACgkQUddfH3/BbTofOAD9EqfgTnNVxIJYLzYUC5gIn8Hs xU7IztTDmNcT5MYk7JIA+gLzD3I64qxWRUvGie8/9Wpex+7g7n07l/oYPKZ35j8h =h+xc -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence System Default Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence System Default Credentials Vulnerability Advisory ID: cisco-sa-20130807-tp Revision 1.0 For Public Release 2013 August 7 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco TelePresence System could allow a remote attacker to access the web server via a user account that is created with default credentials. The vulnerability is due to a default user account being created at installation time. An attacker could exploit this vulnerability by remotely accessing the web server and using the default account credentials. An exploit could allow the attacker to log in with the default credentials, which gives them full administrative rights to the system. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130807-tp -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iF4EAREKAAYFAlICRBYACgkQUddfH3/BbTrGqQD+I5Yf/eVxV/vsUxX31XHDrLG+ NxwiFn3e1mDPMir9pGIA/jTzkeCxTTGMm5brlUQTFE0YJ3vDzXwAtp+HVzqu8i6K =tMib -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: OSPF LSA Manipulation Vulnerability in Multiple Cisco Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: OSPF LSA Manipulation Vulnerability in Multiple Cisco Products Advisory ID: cisco-sa-20130801-lsaospf Revision 1.0 For Public Release 2013 August 1 16:00 UTC (GMT) +- Summary === Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic. The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iF4EAREKAAYFAlH6SCkACgkQUddfH3/BbTpGpgD+MsCo7uFqgGLIay4UOkjNFB13 QpWKflcEOL6WAJfNIzIA/jTODW/TkM9KSixhd/CewRqjwuJ4lPGnWAGV+AXxb1BQ =Vnj7 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco WAAS Central Manager Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco WAAS Central Manager Remote Code Execution Vulnerability Advisory ID: cisco-sa-20130731-waascm Revision 1.0 For Public Release 2013 July 31 16:00 UTC (GMT) +- Summary === Cisco Wide Area Application Services (WAAS) when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iF4EAREKAAYFAlH5ABAACgkQUddfH3/BbTrXBwD/dCyJFiBaFl8ueRogQEkPPut6 yiRBwMzfQ/ZRx2asgrUA/3uLKSo8KYn0M5uRhLzq18GMg1mU8SQfHnXUgN3Yf6XQ =v7OF -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products Advisory ID: cisco-sa-20130731-cm Revision 1.0 For Public Release 2013 July 31 16:00 UTC (GMT) +- Summary === Multiple Cisco content network and video delivery products contain a vulnerability when they are configured to run in central management mode. This vulnerability could allow an authenticated but unprivileged, remote attacker to execute arbitrary code on the affected system and on the devices managed by the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iF4EAREKAAYFAlH5AAkACgkQUddfH3/BbTrB5wD+LzwjR/5XykM8jgZ2pvcTh+i0 w+cEK4klr2i+zpzoOckA/ilbSi5WS/lYJEdEavvjOkxNVlPsqeQ168DlbpyLbMOI =ZTje -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager Advisory ID: cisco-sa-20130724-vsm Revision 1.0 For Public Release 2013 July 24 16:00 UTC (GMT) +- Summary === The Cisco Video Surveillance Manager (VSM) allows operations managers and system integrators to build customized video surveillance networks to meet their needs. Cisco VSM provides centralized configuration, management, display, and control of video from Cisco and third-party surveillance endpoints. Multiple security vulnerabilities exist in versions of Cisco VSM prior to 7.0.0, which may allow an attacker to gain full administrative privileges on the system. More information on Cisco VSM can be found at http://www.cisco.com/en/US/products/ps10818/index.html. Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) iF4EAREKAAYFAlHv3iUACgkQUddfH3/BbTrV2wD8DLMSP/vWdottEKUxbtuV1oQ+ tq7vz7Be9Q5mKn74ZsoA/1R7qkDcrmeKQTuBky432DtScteMcfbys0vD9pcQYoqU =HloY -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Unified Communications Manager Advisory ID: cisco-sa-20130717-cucm Revision 1.0 For Public Release 2013 July 17 16:00 UTC (GMT) +- Summary === Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify information in Cisco Unified CM. On June 6, 2013, a French security firm, Lexfo, delivered a public presentation on VoIP security that included a demonstration of multiple vulnerabilities used to compromise Cisco Unified CM. During the presentation, the researchers demonstrated a multistaged attack that chained a number of vulnerabilities Structured Query Language (SQL) resulted in a complete compromise of the Cisco Unified CM server. The attack chain used the following types of vulnerabilities: Blind Structured Query Language (SQL) injection Command injection Privilege escalation Cisco PSIRT greatly appreciates the opportunity to work with researchers on security vulnerabilities and welcomes the opportunity to review and assist in product reports. Cisco has released a Cisco Options Package (COP) file that addresses three of the vulnerabilities documented in this advisory. Cisco is currently investigating the remaining vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlHmuDIACgkQUddfH3/BbToEPQD8DVafTVfADAudnDxHoWDaLH/9 QcTIkQJn172juCFf9DAA/05OUssmg521DQBq7sgRS10R6pkATwDoSyh4+fz8a6lS =yPA7 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Intrusion Prevention System Software Advisory ID: cisco-sa-20130717-ips Revision 1.0 For Public Release 2013 July 17 16:00 UTC (GMT) +- Summary === Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities: Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability The Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the MainApp process to become unresponsive. The Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive due to memory corruption or could cause the reload of the affected system. The Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause a reload of a Cisco Intrusion Prevention System Network Module Enhanced (IPS NME). The Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the kernel of the Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Module to become unresponsive. Successful exploitation of any of these vulnerabilities could result in a denial of service (DoS) condition. Cisco has released free software updates that address all the vulnerabilities in this advisory with the exception of the Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability. Customers running a vulnerable version of the Cisco IDSM-2 Module should refer to the Workarounds section of this advisory for available mitigations. Workarounds that mitigate the Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability and Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlHmuDoACgkQUddfH3/BbTqVGgD9GUaZyGJh2MeFZcpsPu/IkyvC xtlb3R3Sbmc/puaRP6UBAIsCRAdxcjhBriR9wdq5AZ44SdrytmlkJMWw5/+pvxhN =3Yzq -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance Advisory ID: cisco-sa-20130626-esa Revision 1.0 For Public Release 2013 June 26 16:00 UTC (GMT) +-- Summary === Cisco IronPort AsyncOS Software for Cisco Email Security Appliance is affected by the following vulnerabilities: * Web Framework Authenticated Command Injection Vulnerability * IronPort Spam Quarantine Denial of Service Vulnerability * Management GUI Denial of Service Vulnerability Successful exploitation of the Web Framework Authenticated Command Injection Vulnerability could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Successful exploitation of either of the two denial of service vulnerabilities may cause several critical processes to become unresponsive and make the affected system unstable. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iF4EAREIAAYFAlHKgZEACgkQUddfH3/BbTqmeQD+JNzRuCvE2SnGfq8D0zI3kTfY WD4G+HaHcL9P0msOtyUA+wREdPv1NbnAU9ilnEbxKuYyOCwy43B49nb3tpSRl7ch =QzPf -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance Advisory ID: cisco-sa-20130626-wsa Revision 1.0 For Public Release 2013 June 26 16:00 UTC (GMT) - --- Summary === Cisco IronPort AsyncOS Software for Cisco Web Security Appliance is affected by the following vulnerabilities: * Two authenticated command injection vulnerabilities * Management GUI Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of the two command injection vulnerabilities could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Successful exploitation of the Management GUI Denial of Service Vulnerability could cause several critical processes to become unresponsive and make the affected system unstable. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-wsa -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iF4EAREIAAYFAlHKgbUACgkQUddfH3/BbTrL8AD/SoOUwRsvEtX3h5k1PZjlpyAZ jvgRu3gHAB6cwf3mWJgA/1Z9L8jXLNqDr9duCISX8KldBUdTFCVAMSkg3jlBEALi =fNt5 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance Advisory ID: cisco-sa-20130626-sma Revision 1.0 For Public Release 2013 June 26 16:00 UTC (GMT) +--- Summary === Cisco IronPort AsyncOS Software for Cisco Content Security Management Appliance is affected by the following vulnerabilities: * Web Framework Authenticated Command Injection Vulnerability * IronPort Spam Quarantine Denial of Service Vulnerability * Management GUI Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of the Web Framework Authenticated Command Injection Vulnerability could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Successful exploitation of either of the two denial of service vulnerabilities could cause several critical processes to become unresponsive and make the affected system unstable. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-sma -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iF4EAREIAAYFAlHKga4ACgkQUddfH3/BbToSLQD/ZV7L00kmcc9b+fTio/NrkEp0 NFSZ9GTC2hKHJuXLZzIBAIozsy3V8lkJ5OAya1Qbyj0TqJsrUi0oTRbkt/hue5Nc =IhXy -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory:Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability Advisory ID: cisco-sa-20130626-ngfw http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ cisco-sa-20130626-ngfw Revision 1.0 For Public Release 2013 June 26 16:00 UTC (GMT) +-- Summary === Cisco ASA Next-Generation Firewall (NGFW) Services contains a Fragmented Traffic Denial of Service (DoS) vulnerability. Successful exploitation of this vulnerability on the Cisco ASA NGFW could cause the device to reload or stop processing user traffic that has been redirected by the parent Cisco ASA to the ASA NGFW module for further inspection. There are no workarounds for this vulnerability, but mitigations are available. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iF4EAREIAAYFAlHKgaUACgkQUddfH3/BbTp0ZgD+NDv7SbR9LIjMwPDqFmjfAjhY OSKWBWlunt8SOhDUbogA/jY0n25CWcbqKDlkUrbBNDXhXirk5TljKifNi2zHWH47 =KSS3 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software Advisory ID: cisco-sa-20130619-tpc Revision 1.0 For Public Release 2013 June 19 16:00 UTC (GMT) +- Summary === Cisco TelePresence TC and TE Software contain two vulnerabilities in the implementation of the Session Initiation Protocol (SIP) that could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition. Additionally, Cisco TelePresence TC Software contain an adjacent root access vulnerability that could allow an attacker on the same physical or logical Layer-2 network as the affected system to gain an unauthenticated root shell. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate the Cisco TelePresence TC and TE Software SIP Denial of Service vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) iF4EAREKAAYFAlHBtlQACgkQUddfH3/BbTpOdwEAiBS9DSSPEUee26GiAHsj2UbF ts/iwI6PsKqrsZ8PWzsA/iY2dCpNgpMvtw7uCT6oUu6jj6DumUhebUKjh2TkotFO =4gGi -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Advisory ID: cisco-sa-20130515-mse Revision 1.0 For Public Release 2013 May 15 16:00 UTC (GMT) +- Summary === Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130515-mse -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) iF4EAREKAAYFAlGTkX0ACgkQUddfH3/BbTqBrAD/d72SaHSpIobiIRsxt3mix+un hm8A7MB7AYUp74iliGIA/jTzBZEumgt1RgP0Lfvs4SQQZSN3wBQHnR9pH845cgjS =0mDU -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Advisory ID: cisco-sa-20121031-dcnm Revision 2.0 Last Updated 2013 May 08 16:00 UTC (GMT) For Public Release 2012 October 31 16:00 UTC (GMT) +- Summary === Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm Note: After this advisory was initially published, it was found that in addition to the DCNM SAN server component that is part of the DCNM solution, the DCNM LAN server is also affected by the same vulnerability. This advisory has been updated to revision 2.0 to indicate that the DCNM LAN server component is also vulnerable, to provide the Cisco bug ID that tracks the vulnerability in the DCNM LAN server component, and to update fixed software information. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iF4EAREIAAYFAlGKc/0ACgkQUddfH3/BbTr51AD/e7nVceiqF36VT7LQ5YmcjMax RMkX04N8wsdOgdZRyXkA+gMSU94ERrtaerlOHWlBBnhmFnLNcXYyCuS9Suobtcvc =eECl -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software Advisory ID: cisco-sa-20130508-cvp Revision 1.0 For Public Release 2013 May 8 16:00 UTC (GMT) +-- Summary === Cisco Unified Customer Voice Portal Software (Unified CVP) contains multiple vulnerabilities. Various components of Cisco Unified CVP are affected; see the Details section for more information on the vulnerabilities. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlGIWaUACgkQUddfH3/BbTpQMQD9HWwMuwQ7YSyrqYDSDkcnesWh XsvSL0PXA8lMaS+bSKMBAI/ChGvff6/MJuP6KqAAfHUkVQe8qyxsJGyk0lluGNtQ =HN7d -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Device Manager Command Execution Vulnerability Advisory ID: cisco-sa-20130424-fmdm Revision 1.0 For Public Release 2013 April 24 16:00 UTC (GMT) +- Summary === Cisco Device Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on a client host with the privileges of the user. This vulnerability affects Cisco Device Manager for the Cisco MDS 9000 Family and Cisco Nexus 5000 Series Switches when it is installed or launched via the Java Network Launch Protocol (JNLP) on a host running Microsoft Windows. Cisco Device Manager installed or launched from Cisco Prime Data Center Network Manager (DCNM) or Cisco Fabric Manager is not affected. This vulnerability can only be exploited if the JNLP file is executed on systems running Microsoft Windows. The vulnerability affects the confidentiality, integrity, and availability of the client host performing the installation or execution of Cisco Device Manager via JNLP file. There is no impact on the Cisco MDS 9000 Family or Cisco Nexus 5000 Series Switches. Cisco has released free software updates that address this vulnerability in the Cisco Device Manager for Cisco MDS 9000 Family Switches. Cisco Nexus 5000 Series Switches have discontinued the support of the Cisco Device Manager installation via JNLP and updates are not available. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) iF4EAREKAAYFAlF30BoACgkQUddfH3/BbTqARAD/efkFacOaSLxRk1eDkaVfrALV AzYT3xCcMQuWgc/OracA/01zIEtNJKdRu3tCK010hX7w2fdPH/D/RdUF7TFo885Z =u8iM -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Unified Computing System Advisory ID: cisco-sa-20130424-ucsmulti Revision 1.0 For Public Release 2013 April 24 16:00 UTC (GMT) +- Summary === Managed and standalone Cisco Unified Computing System (UCS) deployments contain one or more of the vulnerabilities: * Cisco Unified Computing System LDAP User Authentication Bypass Vulnerability * Cisco Unified Computing System IPMI Buffer Overflow Vulnerability * Cisco Unified Computing Management API Denial of Service Vulnerability * Cisco Unified Computing System Information Disclosure Vulnerability * Cisco Unified Computing System KVM Authentication Bypass Vulnerability Cisco has released free software updates that address these vulnerabilities. These vulnerabilities affect only Cisco UCS. Additional vulnerabilities that affect the NX-OS base operating system of UCS are described in Multiple Vulnerabilities in Cisco NX-OS-Based Products. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlF2hvUACgkQUddfH3/BbTrhHAD/c+Yr53D5RzalE4XWq08KKPjb GW4lA2LX+c6XA7lE3OkA/jHUbJ1303190tX/Xxv5+cSgnQoRBtFwtrIjzOWhcKz/ =l15l -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco NX-OS-Based Products Advisory ID: cisco-sa-20130424-nxosmulti Revision 1.0 For Public Release 2013 April 24 16:00 UTC (GMT) +- Summary === Cisco Nexus, Cisco Unified Computing Systemn (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities: * Multiple Cisco Discovery Protocol Vulnerabilities in Cisco NX-OS-Based Products * Cisco NX-OS Software SNMP and License Manager Buffer Overflow Vulnerability * Cisco NX-OS Software SNMP Buffer Overflow Vulnerability * Cisco NX-OS Software Jumbo Packet Denial of Service Vulnerability Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlF2hu0ACgkQUddfH3/BbTpaRAD/cDJ4yMgrDztLEXyQNHlroTHx bU8wQibE5AECpq33bK0A/1r8T6bj2KmzBpgZP59rEaVq2aDGKZPcn+mQL8gO8d+0 =rkOO -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability Advisory ID: cisco-sa-20130417-nac Revision 1.0 For Public Release 2013 April 17 16:00 UTC (GMT) +-- Summary === Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify any information in the NAC Manager database. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-nac -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFu1FEACgkQUddfH3/BbTr/jwD/UmdJ5/x0iKBt+h5P7CyDoCw1 XjSDuB/0AXMfEQLCIXIA/3eqYPgDyYs6Np3C/LGVU/HPNYsC7u7HQ/bV599WGwwb =RRHX -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability Advisory ID: cisco-sa-20130417-tpi Revision 1.0 For Public Release 2013 April 17 16:00 UTC (GMT) +-- Summary === Cisco TelePresence multipoint control unit (MCU) and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFu1F0ACgkQUddfH3/BbTrooAD9Hd1bHNtH6qE25KH2qSKx0Xd5 55+2JOZHT4CmjoVhaSMA+wWqGdVUbbtVtzIK0OZ4b/7tVRNtTmtoIjr9FA60WxWS =8gT5 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20130410-asa Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +-- Summary === Cisco ASA Software is affected by the following vulnerabilities: IKE Version 1 Denial of Service Vulnerability Crafted URL Denial of Service Vulnerability Denial of Service During Validation of Crafted Certificates DNS Inspection Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities may result in a reload of an affected device, leading to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa Note: The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by some of the vulnerabilities listed above. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFlkRYACgkQUddfH3/BbTpxAQD/Zkba4GDth49SWailwZV871q2 ffeUbZzP4AzcT4zJTbYA/1nk8ZqZBfW9TCUenapRkiykoh14ATXnyjV5GqUtWiUa =Ds4x -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software Advisory ID: cisco-sa-20130410-fwsm Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +-- Summary === Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities: FWSM HTTP Proxy Traceback Vulnerability IKE Version 1 Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the other. Successful exploitation of either of these vulnerabilities may result in a reload of an affected device, leading to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. A workaround is available for the IKE vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm Note: The Cisco Adaptive Security Appliance (ASA) may be affected by some of the vulnerabilities listed above. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco ASA. That advisory is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFlkSAACgkQUddfH3/BbTo2YwD/c8Pz1w7Af3bIH+OvuwkO7VTL JmdT2IMDCdZs5rLOH4cA/0EmYvvKa62cD09xfM8u5IgFP+qgWptVYvD15x2uBPWh =JjgU -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution Advisory ID: cisco-sa-20130410-mp Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +-- Summary === Cisco Unified MeetingPlace Application Server contains an authentication bypass vulnerability and Cisco Unified MeetingPlace Web Conferencing Server contains an arbitrary login vulnerability. For both vulnerabilities, successful exploitation could allow an unauthenticated, remote attacker to impersonate a legitimate user and send arbitrary commands to the affected system with the privileges of that user. Cisco has released free software updates that address these vulnerabilities. A workaround is available for the Cisco Unified MeetingPlace Web Conferencing Server Arbitrary Login Vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-mp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFlkTIACgkQUddfH3/BbTry0QD/awwTnQ3pFKZZaKwl0jslafJC P3L5GHiKhL9bE92KEkMA/RRgoVb0TOUiTubSi1c3jnQKZVtI19zWdYElJkYcQSXP =7GS+ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Advisory ID: cisco-sa-20130410-asr1000 Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +-- Summary === Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software IPv6 Multicast Traffic Denial of Service Vulnerability Cisco IOS XE Software MVPNv6 Traffic Denial of Service Vulnerability Cisco IOS XE Software L2TP Traffic Denial of Service Vulnerability Cisco IOS XE Software Bridge Domain Interface Denial of Service Vulnerability Cisco IOS XE Software SIP Traffic Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities could allow an unauthenticated remote attacker to trigger a reload of the Embedded Services Processors (ESP) card or the Route Processor (RP) card, causing an interruption of services. Repeated exploitation could result in a sustained DoS condition. Note: Cisco IOS Software and Cisco IOS-XR Software are not affected by these vulnerabilities. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFlkTsACgkQUddfH3/BbTqhGAD/Q21EVj/+oRmfkFXo+IZZ89AF K6vZOBcbjbfPKEwpM4gA/A8HlrWHY2egoNaTLDeLRfAi7jZhkrGHpE18WDC/91lw =OG4L -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Network Control Systems Database Default Credentials Vulnerability Advisory ID: cisco-sa-20130410-ncs Revision 1.0 For Public Release 2013 April 10 16:00 UTC (GMT) +-- Summary === Cisco Prime Network Control System NCS appliances that are running software versions prior to 1.1.1.24 contain a database user account that is created with default credentials. An attacker could use this account to modify the configuration of the application or disrupt services. A software upgrade is required to resolve this vulnerability. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-ncs -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlFlkSkACgkQUddfH3/BbTrRtQEAjKEfrZ4g2yWNSGLKq4eYQtGy +N+7Dea/oX5EQtOnnqEA/3h6A5A+RsvGrcVAse061dKJCwT0X2q3khD437CqSYZy =TLJ/ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20130327-rsvp Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === The Resource Reservation Protocol (RSVP) feature in Cisco IOS Software and Cisco IOS XE Software contains a vulnerability when used on a device that has Multiprotocol Label Switching with Traffic Engineering (MPLS-TE) enabled. Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to cause a reload of the affected device. Repeated exploitation could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd4ACgkQUddfH3/BbTqZ+AD/SPWuHu+4uf/xKA+RAbRbCZxd H9SFakcWJIPsy9TYjBABAI6/LmnQ9FrB1PHcVABckjYOnB+9JUd03ynxrsFPzIQS =W+Lt -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Advisory ID: cisco-sa-20130327-cce Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affected by this vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP inspection. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd0ACgkQUddfH3/BbTo1NQD+JTLByafJPlfucXQ7tGEHnYy5 vVv944CH2/B0vC3+AHUA/Aw9dc2MzCzkrKELNu9FQDBFkr5lIhdY9i942xPDfHKQ =6IL2 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software IP Service Level Agreement Vulnerability Advisory ID: cisco-sa-20130327-ipsla Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === The Cisco IOS Software implementation of the IP Service Level Agreement (IP SLA) feature contains a vulnerability in the validation of IP SLA packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Mitigations for this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd0ACgkQUddfH3/BbTp8QwD+IPK7Dzz7B0uga/FtZKjYU9XC ik2D1EIVMDWcFNYovn8A/i2M+COtgQr9j/7CuMRdNfnAoA65JOxRHu4NTW7cdZoo =w51Y -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Protocol Translation Vulnerability Advisory ID: cisco-sa-20130327-pt Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === The Cisco IOS Software Protocol Translation (PT) feature contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd4ACgkQUddfH3/BbTr/hQEAhB32OjahAaNFUbeYsZloNqCX C9JHEqRP4k4Y27LcWZUA+wTwW0yKpKzQ9+ZDvaWYiXtL1iSvOhlSjS178A3kMIhb =JlLG -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Internet Key Exchange Vulnerability Advisory ID: cisco-sa-20130327-ike Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === The Cisco IOS Software Internet Key Exchange (IKE) feature contains a denial of service (DoS) vulnerability. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ike Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd0ACgkQUddfH3/BbTovwQD8DwYcxZks8h9lxLcC9YX0Stal GfVltUM7jduv3M2tsQgBAIdGU+jBhC8Ct4i/0idzEkoX6o8TAK3EbcUqZt9QjK6F =Viuu -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Network Address Translation Vulnerability Advisory ID: cisco-sa-20130327-nat Revision 1.0 For Public Release 2013 March 27 10:00 UTC (GMT) +- Summary === The Cisco IOS Software implementation of the virtual routing and forwarding (VRF) aware network address translation (NAT) feature contains a vulnerability when translating IP packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd0ACgkQUddfH3/BbTrndAD/Qxm/suF3S/US+6bDND+/OKB3 9KpBW/wUPVC2+87IFRQBAIXFrAjFqnbmmBAKFEVZztVhRN1TlOW9JL7mKd6SXwZw =jAQM -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Smart Install Denial of Service Vulnerability Advisory ID: cisco-sa-20130327-smartinstall Revision 1.0 For Public Release 2013 March 27 16:00 UTC (GMT) +- Summary === The Smart Install client feature in Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Affected devices that are configured as Smart Install clients are vulnerable. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that have the Smart Install client feature enabled. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFQcd4ACgkQUddfH3/BbToUsAD+NSDtaCAvOzfjmsqhxVZN6Uy+ ceAxXTPCp6M0n8yGk0sA/1uJk8CWE1yjCtTu1IDGX8K/SUvWFEUi0pqFyKfKVFEa =eRMY -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS and Cisco IOS XE Type 4 Passwords Issue Document ID: 33464 Revision 1.0 For Public Release 2013 March 18 16:00 UTC (GMT) +- Cisco Response Summary == This is the Cisco response to research performed by Mr. Philipp Schmidt and Mr. Jens Steube from the Hashcat Project on the weakness of Type 4 passwords on Cisco IOS and Cisco IOS XE devices. Mr. Schmidt and Mr. Steube reported this issue to the Cisco PSIRT on March 12, 2013. A limited number of Cisco IOS and Cisco IOS XE releases based on the Cisco IOS 15 code base include support for a new algorithm to hash user-provided plaintext passwords. This algorithm is called Type 4, and a password hashed using this algorithm is referred to as a Type 4 password. The Type 4 algorithm was designed to be a stronger alternative to the existing Type 5 and Type 7 algorithms to increase the resiliency of passwords used for the 'enable secret password' and 'username username secret password' commands against brute-force attacks. For additional information please see the full Cisco Security Response at the link below. Cisco would like to thank Mr. Schmidt and Mr. Steube for sharing their research with Cisco and working toward a coordinated disclosure of this issue. This Cisco Security Response is available at: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlFHFKYACgkQUddfH3/BbTpPQAD/S/gS0O+btwWu5rI7rugYeRzD m38z8zGANgZ9IlEz/OoA/RZVrhrJJ1eRTlHo0/IHuYK3AYUtT5cA8PprIJoUX1Qg =R0TE -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Unified Presence Server Denial of Service Vulnerability Advisory ID: cisco-sa-20130227-cups Revision 1.0 For Public Release 2013 February 27 16:00 UTC (GMT) +-- Summary === Cisco Unified Presence Server (CUPS) contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlEuKpUACgkQUddfH3/BbToN0AD/R/qysDn1mZz7QGAp6OXTWZ/S CmHedHqerMebtCbxSZ4A/3eIvKVJrn+ZKUe1Ok7WzCK34m5clP0mHFe3HFyqk7Px =UUui -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability Advisory ID: cisco-sa-20130227-hcs Revision 1.0 For Public Release 2013 February 27 16:00 UTC (GMT) +-- Summary === Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Exploitation of this vulnerability could interrupt the monitoring of voice services. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-hcs -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlEuKpwACgkQUddfH3/BbTpUMgD/TLGii8+uTgOp8UBzeEmZsJ6Q sLT9c+XAR4TtJz5bA1QA/0TpTDrf6Rq0KqnvaCORkSDZhhuSHLRMt49MNdOhvHHN =POis -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability Advisory ID: cisco-sa-20130206-ata187 Revision 1.0 For Public Release 2013 February 6 16:00 UTC (GMT) - -- Summary === Cisco ATA 187 Analog Telephone Adaptor firmware versions 9.2.1.0 and 9.2.3.1 contain a vulnerability that could allow an unauthenticated, remote attacker to access the operating system of the affected device. Cisco has available free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130206-ata187 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlEScnoACgkQUddfH3/BbTq/hAD8DVT9GUFCPSgQm7ZGjHAEWe5H 7g7Avwpzn0JFaqQViTkA/3HacZozibRdG2RnkQ/RJuJ4iNY0RSK3+u5Qxt/ICspB =TIrv -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities Advisory ID: cisco-sa-20130129-upnp Revision 1.0 For Public Release 2013 January 29 16:00 UTC (GMT) + Summary === The Portable Software Developer Kit (SDK) for Universal Plug-n-Play (UPnP) devices contain a libupnp library, originally known as the Intel SDK for UPnP Devices, which is vulnerable to multiple stack-based buffer overflows when handling malicious Simple Service Discovery Protocol (SSDP) requests. This library is used in several vendor network devices in addition to media streaming and file sharing applications. These vulnerabilities were disclosed on January 29th, 2013 in a CERT Vulnerability Note, VU#922681, which can be viewed at: http://www.kb.cert.org/vuls/id/922681 Cisco is currently evaluating products for possible exposure to these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlEIJZ8ACgkQUddfH3/BbTrUagD9FnKSVkc2iIfGs+7c8SVPT26+ ga5hYEz9UMUnitcqnbcBAIKe6KnkR6he2zbstVtbTKtqSjE7pfVb3lTKVZSeAkM5 =6sTu -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Wireless LAN Controllers Advisory ID: cisco-sa-20130123-wlc Revision 1.0 For Public Release 2013 January 23 16:00 UTC (GMT) - -- Summary === The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by the following four vulnerabilities: Cisco Wireless LAN Controllers Wireless Intrusion Prevention System (wIPS) Denial of Service Vulnerability Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service Vulnerability Cisco Wireless LAN Controllers HTTP Profiling Remote Code Execution Vulnerability Cisco Wireless LAN Controllers SNMP Unauthorized Access Vulnerability Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130123-wlc -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlD/9LgACgkQUddfH3/BbTqd2AEAjfwbSyTP5MOkZpmjQ/7ROsgt cxqqo3ApRtSkrqQ8QIYA/0U7bOtjGo6TyrU8P/XRmTYHUR4pnJzcAY15nULCBXzM =kd2V -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory Update v1.1: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability Advisory ID: cisco-sa-20130109-uipphone Revision 1.1 Last Updated 2013 January 17 15:16 UTC (GMT) For Public Release 2013 January 9 16:00 UTC (GMT) - -- Summary === Cisco Unified IP Phones 7900 Series versions 9.3(1)SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kernel system calls from applications running in userspace. An attacker could exploit this issue by gaining local access to the device using physical access or authenticated access using SSH and executing an attacker-controlled binary that is designed to exploit the issue. Such an attack would originate from an unprivileged context. Ang Cui initially reported the issue to the Cisco Product Security Incident Response Team (PSIRT). On November 6, 2012, the Cisco PSIRT disclosed this issue in Cisco bug ID CSCuc83860 Release Note Enclosure. Subsequently, Mr. Cui has spoken at several public conferences and has performed public demonstrations of a device being compromised and used as a listening device. Mitigations are available to help reduce the attack surface of affected devices. See the Details section of this security advisory and the accompanying Cisco Applied Mitigation Bulletin (AMB) for additional information. Update: An Engineering Special release has been made available for affected Cisco Customers that includes hardening measures to mitigate the known attack vectors for the vulnerability described in this advisory. This release is available upon request from the Cisco TAC. The release name is 9.3(1)-ES11. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlD4HKgACgkQUddfH3/BbTqIXwD/Vt52DZKHw+GGIE+vewkwjOJv 37T+yqiA10h9za3eP1cA/A3YBxs8TjTkrYtS/9nInHhUzZNeAGq8j5ObZ50rJr4Y =4aLv -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability Advisory ID: cisco-sa-20130116-asa1000v Revision 1.0 For Public Release 2013 January 16 16:00 UTC (GMT) + Summary === A vulnerability in Cisco Adaptive Security Appliance (ASA) Software for the Cisco ASA 1000V Cloud Firewall may cause the Cisco ASA 1000V to reload after processing a malformed H.323 message. Cisco ASA 1000V Cloud Firewall is affected when H.323 inspection is enabled. Cisco has released free software updates that address this vulnerability. This advisory is posted at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130116-asa1000v Note: Only Cisco ASA Software for the Cisco ASA 1000V Cloud Firewall is affected by the vulnerability described in this advisory. Cisco ASA 5500 Series Adaptive Security Appliances, Cisco Catalyst 6500 Series ASA Services Module or Cisco Catalyst 6500 Series Firewall Services Module (FWSM) are not affected by this vulnerability. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlD2zq8ACgkQUddfH3/BbTrc+QD9EA2SnUVPkVGB1+My7ht3NaAB /uDfg0ucWklkxx8IVwwA/jivGTajOF33PJ3IlcUPgb/2PMjwROqzxAoV5DNdUZn/ =Tn8w -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Prime LAN Management Solution Command Execution Vulnerability Advisory ID: cisco-sa-20130109-lms Revision 1.0 For Public Release 2013 January 9 16:00 UTC (GMT) +- Summary === Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports. An attacker could exploit this vulnerability by connecting to the affected system and sending arbitrary commands. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlDti54ACgkQUddfH3/BbTqTaAEAgJlOLDYzxJMrZGkZhGJxVAEb 8y77RwMX1kn5koY3xXQA/ArQ+4cfPs6cexCLxCwSHqeOjWuN1o41C3X6bXrACK8F =Ixht -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability Advisory ID: cisco-sa-20130109-uipphone Revision 1.0 For Public Release 2013 January 9 16:00 UTC (GMT) +- Summary === Cisco Unified IP Phones 7900 Series versions 9.3(1)SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kernel system calls from applications running in userspace. An attacker could exploit this issue by gaining local access to the device using physical access or authenticated access using SSH and executing an attacker-controlled binary that is designed to exploit the issue. Such an attack would originate from an unprivileged context. Ang Cui initially reported the issue to the Cisco Product Security Incident Response Team (PSIRT). On November 6, 2012, the Cisco PSIRT disclosed this issue in Cisco bug ID CSCuc83860 (registered customers only) Release Note Enclosure. Subsequently, Mr. Cui has spoken at several public conferences and has performed public demonstrations of a device being compromised and used as a listening device. Mitigations are available to help reduce the attack surface of affected devices. See the Details section of the full security advisory linked below and the accompanying Cisco Applied Mitigation Bulletin (AMB) for additional information. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone Cisco Applied Mitigation Bulletin: http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=27763 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlDti64ACgkQUddfH3/BbTpjRgD/ZlnSQYscEZkN0WntIUAiyPki mbH5yhWtAeL1tYEls94A/3hr3r2wcBdSBgEDbDsNnWioY/uh/1G6l9rCRKTqWsMm =fKjB -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities Advisory ID: cisco-sa-20121108-sophos Revision 1.0 For Public Release 2012 November 9 03:00 UTC (GMT) - -- Summary === Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web Security Appliances (WSA) include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a denial-of-service (DoS) condition. An attacker could exploit these vulnerabilities by sending malformed files to an appliance that is running Sophos Anti-Virus. The malformed files could cause the Sophos antivirus engine to behave unexpectedly. As updates that address these vulnerabilities become available from Sophos, Cisco is working to qualify and automatically provision them through the Cisco Ironport ESA and WSA platforms. A workaround that mitigates these vulnerabilities is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121108-sophos -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlCcc5kACgkQUddfH3/BbToP4gD9EAi0HThOKyN0FiypwUcOmL8Y b99aEPPaiqLIhNwifncA/2ijY0H+wz0TPPBbTywNoXjlgor+1AZqzzIXEOEndiMf =6YeL -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue Document ID: cisco-sr-20121107-n1k Revision 1.0 For Public Release 2012 November 7 16:00 UTC (GMT) - -- Cisco Response == The Cisco Product Security Incident Response Team (PSIRT) would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.2(1)SV1(5.2) with deployments that have Cisco Virtual Security Gateway (VSG) integration. This issue will manifest itself when administrators perform an in-service software upgrade to Software Release 4.2(1)SV1(5.2) from Software Release 4.2(1)SV1(5.1a) or earlier. After the software upgrade, a bug in Software Release 4.2(1)SV1(5.2) could cause all the virtual Ethernet ports on the Virtual Ethernet Modules (VEM) of the Cisco Nexus 1000V Series Switch to stay in No-Policy pass-through mode because a valid VSG license is not actively installed. As a result, the VEMs no longer use a configured Cisco VSG; therefore, the virtual machines (VM) are not firewalled and traffic is not inspected by the VSG. This software bug is documented in Cisco Bug ID CSCud01427 and a software bulletin for Software Release 4.2(1)SV1(5.2) is in the process of being published. Additional Information This response is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20121107-n1k -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlCahB0ACgkQUddfH3/BbTocEgD/ZAzdVLQZCcaLo41tATesEH9J 0O/Ijdnc8Fw7B3pBgrgBAI/6M8mWC/CJWGF6b6OkDhxu8aiNUUmZX645hWms9h8c =MMfv -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Advisory ID: cisco-sa-20121107-acs Revision 1.0 For Public Release 2012 November 7 16:00 UTC (GMT) - -- Summary === Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the authentication protocol and Cisco Secure ACS is configured with a Lightweight Directory Access Protocol (LDAP) external identity store. An attacker may exploit this vulnerability by sending a special sequence of characters when prompted for the user password. The attacker would need to know a valid username stored in the LDAP external identity store to exploit this vulnerability, and the exploitation is limited to impersonate only that user. An exploit could allow the attacker to successfully authenticate to any system using TACACS+ in combination with an affected Cisco Secure ACS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlCahBgACgkQUddfH3/BbTry0gD+ODX/mW0lFysJb+ga9d8hSJib y3Nt7PWArjcjgBBfV6cA/3xq5kIJ57XxuNw63zIaTpay5N+sUNLDJ37bdjxu+hTf =GL1C -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Advisory ID: cisco-sa-20121031-mp Revision 1.0 For Public Release 2012 October 31 16:00 UTC (GMT) + Summary === Cisco Unified MeetingPlace Web Conferencing is affected by two vulnerabilities: * Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability * Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability Exploitation of the Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability may allow an unauthenticated, remote attacker to send Structured Query Language (SQL) commands to manipulate the MeetingPlace database stores information about server configuration, meetings, and users. These commands may be used to create, delete, or alter some of the information in the Cisco Unified MeetingPlace Web Conferencing database. Exploitation of the Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability may allow an unauthenticated, remote attacker to create a buffer overrun condition that may cause the Web Conferencing server to become unresponsive. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-mp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlCRS2sACgkQUddfH3/BbTqMAwD+MQwopEA45I2B7OCcFOkuDQ8/ TrGs6zU5Ne3h/adthZUA/jL0oa9uIVtgMmih5QPEjeNaFCsuLlQexhbPtycDJoOU =gqZZ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability Advisory ID: cisco-sa-20121031-dcnm Revision 1.0 For Public Release 2012 October 31 16:00 UTC (GMT) + Summary === Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlCRS3YACgkQUddfH3/BbTq48QEAgoe/PkrhFtbx4mNBwPfiK8ft FAoYNVLQY4KvWs+IfhoA/17u0NgyNp5F5dd5Eda4m4xPHYuYWJdN16mfsEWb89ww =N5PT -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Advisory ID: cisco-sa-20121010-asa Revision 1.0 For Public Release 2012 October 10 16:00 UTC (GMT) - -- Summary === Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) may be affected by the following vulnerabilities: DHCP Memory Allocation Denial of Service Vulnerability SSL VPN Authentication Denial of Service Vulnerability SIP Inspection Media Update Denial of Service Vulnerability DCERPC Inspection Buffer Overflow Vulnerability Two DCERPC Inspection Denial Of Service Vulnerabilities These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Successful exploitation of any of these vulnerabilities could allow an unauthenticated remote attacker to trigger a reload of the affected device. Exploitation of the DCERPC Inspection Buffer Overflow Vulnerability could additionally cause a stack overflow and possibly the execution of arbitrary commands. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa Note: The Cisco Firewall Services Module for Cisco Catalyst 6500 and Cisco 7600 Series (FWSM) may be affected by some of the vulnerabilities listed above. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm The Cisco ASA 1000V Cloud Firewall and Cisco ASA-CX Context-Aware Security are not affected by any of these vulnerabilities. -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlB1jRsACgkQUddfH3/BbTo1RwD+NHNKsAkrc/dZ+XAhDtqAyVIY xaVp6BpwmKAnBbDtwVQA/jXPlWJbmNmSOiHTAI30KkXahf9Bi9+bIvnQyeUI6aUM =Ncu5 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco Firewall Services Module Advisory ID: cisco-sa-20121010-fwsm Revision 1.0 For Public Release 2012 October 10 16:00 UTC (GMT) - -- Summary === The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities: DCERPC Inspection Buffer Overflow Vulnerability DCERPC Inspection Denial Of Service Vulnerabilities These vulnerabilities are not interdependent; a release that is affected by one vulnerability is not necessarily affected by the other. Exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to trigger a reload of the affected device, or to execute arbitrary commands. Repeated exploitation could result in a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm Note: The Cisco Catalyst 6500 Series ASA Services Module, and the Cisco ASA 5500 Series Adaptive Security Appliance may also be affected by these vulnerabilities. The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA Services Module and Cisco ASA 5500 Series Adaptive Security Appliance have been disclosed in a separate Cisco Security Advisory. The Advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlB1h6AACgkQUddfH3/BbTrdbQD/WPf0vA8pJbKyFgfDQ0rol2r4 AAAdCeOQlELptysCaYsBAIZP/vuW1jX43H6pLgx9xBum9wcNBvhzG1m9Bip+nGbH =e0NQ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player Advisory ID: cisco-sa-20121010-webex Revision 1.0 For Public Release 2012 October 10 16:00 UTC (GMT) - -- Summary === The Cisco WebEx Recording Format (WRF) player contains six buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx WRF Player is an application used to play back WRF WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The Cisco WebEx WRF Player can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The Cisco WebEx WRF Player can also be manually installed for offline playback after downloading the application from: http://www.webex.com/play-webex-recording.html. If the Cisco WebEx WRF Player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the Cisco WebEx WRF Player was manually installed, users will need to manually install a new version of the Cisco WebEx WRF Player after downloading the latest version from: http://www.webex.com/play-webex-recording.html. Cisco has updated affected versions of the WebEx meeting sites and Cisco WebEx WRF Player to address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlB1h6AACgkQUddfH3/BbTrjWAD/Xo3bSaXFymHXWKgoGNJQTRcp MFilgSgS+0Hp09ncDC0A/R+0E3BmJFwMukJw6IPAQkp+AjYus1naLVDcQMjh7svJ =tuKg -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-cucm Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco Unified Communications Manager contains a vulnerability in its Session Initiation Protocol (SIP) implementation that could allow an unauthenticated, remote attacker to cause a critical service to fail, which could interrupt voice services. Affected devices must be configured to process SIP messages for this vulnerability to be exploitable. Cisco has released free software updates that address this vulnerability. A workaround exists for customers who do not require SIP in their environment. This advisory is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-cucm Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html Cisco IOS Software and Cisco IOS XE Software are affected by the vulnerability described in this advisory. A separate Cisco Security Advisory has been published to disclose the vulnerability that affects Cisco IOS Software and Cisco IOS XE Software at the following location: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgiVQACgkQUddfH3/BbTqDrAD9GKw11Pk/9nwMJBzSQ7znHH8u JzDBtraEHMNDkyEacLAA/2ZbaNvWDOhuly4XCs84hvZhUtxnaHFCNheFGI3Go8nj =0fGN -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-sip Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause an affected device to reload. Affected devices must be configured to process SIP messages and for pass-through of Session Description Protocol (SDP) for this vulnerability to be exploitable. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-sip Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html Cisco Unified Communications Manager is affected by the vulnerability described in this advisory. A separate Cisco Security Advisory has been published to disclose the vulnerability that affects the Cisco Unified Communications Manager at the following location: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-cucm -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeEAACgkQUddfH3/BbTob/wD/Qp0Y5YKNdLu4RUcBgkHojBc+ EQQQyJVSQTrHNG6GJcoA/jXiO1Lic8HzNUQdmusjvD+dIdKjQd8GrMOwAhKOQWpU =vIHn -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-ios-ips Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS) feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ios-ips Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD8ACgkQUddfH3/BbTpJqQD+IN51ZWVrBuSFzCEOb3hRHC+o i093jjXqPMmZ90pvT8wA/2LNuyuDuc7hat0gxy02+ZQbwKfDwaFFsJQ7UnV3WQf/ =QlOw -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability Advisory ID: cisco-sa-20120926-bgp Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains a vulnerability in the Border Gateway Protocol (BGP) routing protocol feature. The vulnerability can be triggered when the router receives a malformed attribute from a peer on an existing BGP session. Successful exploitation of this vulnerability can cause all BGP sessions to reset. Repeated exploitation may result in an inability to route packets to BGP neighbors during reconvergence times. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-bgp Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD0ACgkQUddfH3/BbTpwbwD+IkJ8uofSPxpZwUFgVu8dVRWq 6OpD4B6w1i+wGN5IOEQA/1o7VdakD9PFvIZODdfcptJSRK4k4SbeAf46KMFAiSYM =/DrE -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Network Address Translation Vulnerabilities Advisory ID: cisco-sa-20120926-nat Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service (DoS) vulnerabilities in the translation of IP packets. The vulnerabilities are caused when packets in transit on the vulnerable device require translation. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD8ACgkQUddfH3/BbTrGtwD8CaC1pyjW+b1ltiGIsvX+jMfG jEEqlzr6VT/F1vjvaDgA/2pAjCs0T5rcGdJUhyKRlQH+PjVLBRVQaQTp/kk5T4+i =q0VJ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability Advisory ID: cisco-sa-20120926-c10k-tunnels Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains a queue wedge vulnerability that can be triggered when processing IP tunneled packets. Only Cisco IOS Software running on the Cisco 1 Series router has been demonstrated to be affected. Successful exploitation of this vulnerability may prevent traffic from transiting the affected interfaces. Cisco has released free software updates that addresses this vulnerability. There are no workarounds for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-c10k-tunnels Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD4ACgkQUddfH3/BbTpLigD/fKng67LLI/XQ0AkD8l6YyPct /hYpJdygEEIqvm2htS8BAIGs1zHnI0iD1w9RTmKc+uaeopmfO8F7qsutxUFX4KhJ =cGGl -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-dhcpv6 Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco IOS Software and Cisco IOS XE Software contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a crafted request to an affected device that has the DHCP version 6 (DHCPv6) server feature enabled, causing a reload. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcpv6 Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD4ACgkQUddfH3/BbTpTmwD/aWSNsmnurhMHzokzSTJUI4/B 428bYcAKinMffKT+bgIA/20BRb6rR7qCoIK0ynVDnbtYiNjwCMy+EQFEUrDWhpl1 =kAhj -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS Software DHCP Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-dhcp Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a single DHCP packet to or through an affected device, causing the device to reload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-dhcp Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD4ACgkQUddfH3/BbTrJBgD8D/YGAbTV2hF3i3v0Gg8nFc2x jVoS/mVfTMurWAYQflIA/0HU8TpFR6A9Oegidg2Cjc27Vyx2RbAqah6Y57BceTco =WgD1 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability Advisory ID: cisco-sa-20120926-ecc Revision 1.0 For Public Release 2012 September 26 16:00 UTC (GMT) +- Summary === The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc Note: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes 9 Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBgeD8ACgkQUddfH3/BbTptGQD+LJo6CaOPouQRBuPy+1jpi5SB EvY/pXj/6kA47NIeQtMA/A/K7sSoBEfEn/baeeTcOOvyJ4Yo4I9wekRMSMJFzxoz =kR+l -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Advisory ID: cisco-sa-20120620-ac Revision 2.0 Last Updated 2012 September 19 16:01 UTC (GMT) For Public Release 2012 June 20 16:00 UTC (GMT) + Summary === The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities: * Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability * Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability * Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop Hostscan Downloader Software Downgrade Vulnerability * Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability * Cisco Secure Desktop Arbitrary Code Execution Vulnerability Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac Note: Revision 2.0 of this advisory corrects an inadvertent omission in the original advisory, which failed to list that the fixes also address a vulnerability in Cisco Secure Desktop, described by CVE-2012-4655. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAlBZ8RsACgkQUddfH3/BbTrMXAD+KzDhX4MHl8balbQ1dcfDrmeu LwCqi3iKEPcAqHsa3sYBAI6GvgsZ99r1+5O3p7WBHGvWwcgRPQdAdSaWXznICylf =J7RB -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability Advisory ID: cisco-sa-20120912-cupxcp Revision 1.0 For Public Release 2012 September 12 16:00 UTC (GMT) +- Summary === A denial of service (DoS) vulnerability exists in Cisco Unified Presence and Jabber Extensible Communications Platform (Jabber XCP). An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted Extensible Messaging and Presence Protocol (XMPP) stream header to an affected server. Successful exploitation of this vulnerability could cause the Connection Manager process to crash. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBQmfoACgkQUddfH3/BbTr41QEAiEtU1YJmRk9YpE1gC5mlqWDN nfdqWNCjaeDKfgnJjYYA/jqFNpCPCHjUL4Oon847zNnduIW2CY9SBrWc9g2iYLNL =qvOa -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability Advisory ID: cisco-sa-20120912-asacx Revision 1.0 For Public Release 2012 September 12 16:00 UTC (GMT) +- Summary === Cisco ASA-CX Context-Aware Security appliance and Cisco Prime Security Manager (PRSM) contain a denial of service (DoS) vulnerability in versions prior to 9.0.2-103. Successful exploitation of this vulnerability on the Cisco ASA-CX could cause the device to stop processing user traffic and prevent management access to the Cisco ASA-CX. Successful exploitation of this vulnerability on the Cisco PRSM could cause the software to become unresponsive and unavailable. There are no workarounds for this vulnerability, but some mitigations are available. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlBQmfIACgkQUddfH3/BbTqiYwD/XvyTOxUAsm5SUk6SQz2gSvJQ MRJ/YAAaW54eH5HykGwA/j19RyMKO9JLs5Hj+E6lDsbVjl4azUf2XkBI+Zt/jS+B =eNJC -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [2.0 Update] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS XR Software Route Processor Denial of Service Vulnerability Advisory ID: cisco-sa-20120530-iosxr Revision 2.0 For Public Release 2012 August 15 16:00 UTC (GMT) +- Summary === Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAlArqykACgkQUddfH3/BbTp9qQD+JykExH3Qj2xaR74o4PomFAL4 vpajwSl1+1b6CtV5cQoA/0kwCOTFnjS4Te31QjkSx5+uhDpEPs5qjTb8F6EXiapD =Yc2a -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco TelePresence Recording Server Advisory ID: cisco-sa-20120711-ctrs Revision 1.0 For Public Release 2012 July 11 16:00 UTC (GMT) +- Summary === Cisco TelePresence Recording Server contains the following vulnerabilities: Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability Cisco TelePresence Web Interface Command Injection Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/9izAACgkQUddfH3/BbTpgpwD/TQOz5H0BG4ogU7mv8ZnqT69E bgkxiXeO+2F8ogOPR/gA/iVsXNVK3OOeTYTZx5VCTqjGdtn/QRPNjUFyv5vu/OOH =wEHe -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Advisory ID: cisco-sa-20120711-cts Revision 1.0 For Public Release 2012 July 11 16:00 UTC (GMT) +- Summary === Cisco TelePresence Endpoint devices contain the following vulnerabilities: Cisco TelePresence API Remote Command Execution Vulnerability Cisco TelePresence Remote Command Execution Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the API Remote Command Execution vulnerability could allow an unauthenticated, adjacent attacker to inject commands into API requests. The injected commands will be executed by the underlying operating system in an elevated context. Exploitation of the Remote Command Execution vulnerability could allow an authenticated, remote attacker to inject commands into requests made to the Administrative Web interface. The injected commands will be executed by the underlying operating system in an elevated context. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/9lu0ACgkQUddfH3/BbTqlngD/QXo0Y0ds6xqOEA9HjbtVmqCB u3xsHxnWro9ApV48wVoA/RTrZe8zBeFxEHss91AYC3bYXbTGltCP91audYSv6LUc =PjIb -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco TelePresence Manager Advisory ID: cisco-sa-20120711-ctsman Revision 1.0 For Public Release 2012 July 11 16:00 UTC (GMT) +- Summary === Cisco TelePresence Manager contains the following vulnerabilities: Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/9izgACgkQUddfH3/BbTqUmwD/ZHYuMyBcriiQf7IBPNheFjzy OySQwMyhLAwkM2ZZAIoA/3E0ipbO8bISXYel/QLCIigHSAuCfrNcXOuW8K6Py9M8 =VLwY -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Advisory ID: cisco-sa-20120711-ctms Revision 1.0 For Public Release 2012 July 11 16:00 UTC (GMT) +- Summary === Cisco TelePresence Multipoint Switch contains the following vulnerabilities: Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow an unauthenticated, remote attacker to create a denial of service (DoS) condition, causing the product to become unresponsive to new connection requests and potentially leading to termination services and processes. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/9iyEACgkQUddfH3/BbTpDwwD/VC6pQ6nRkbNlMDpXiIbeaSJl z9/qBj2QDDkkmZtuFy0A/13tmEoR9wDU9UGWG5XdrzY1mD70brmwbo/DobaWxmcE =2nC1 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Advisory ID: cisco-sa-20120627-webex Revision 1.0 For Public Release 2012 June 27 16:00 UTC (GMT) + Summary === The Cisco WebEx Recording Format (WRF) player contains four buffer overflow vulnerabilities and the Cisco Advanced Recording Format (ARF) player contains one buffer overflow vulnerability. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from http://www.webex.com/play-webex-recording.html. If the WRF or ARF players were automatically installed, they will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF or ARF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from http://www.webex.com/play-webex-recording.html. Cisco has updated affected versions of the WebEx meeting sites and WRF and ARF players to address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAk/rJEUACgkQUddfH3/BbTq0xwD5AcfRxNUZIGqkAH2Ly2/F2gm1 dNWaKy1hIfBIkk4oFVwA/1nlXcK77u6J/kNERLpg04SFvNh7HSYY2A7XU6BLeCy+ =eBKD -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Advisory ID: cisco-sa-20120620-ac Revision 1.0 For Public Release 2012 June 20 16:00 UTC (GMT) +- Summary === The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/hxbIACgkQQXnnBKKRMNBg/gD/UfO5FCOVvzRdsSugHPrSrEFT Rd4Q0AvReBoziS3fIfAA/isBKtBmeC+mseVPOPqAw8XlCaPCqBF58UOvRIx7mmaV =4OQe -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability Advisory ID: cisco-sa-20120620-asaipv6 Revision 1.0 For Public Release 2012 June 20 16:00 UTC (GMT) +- Summary === Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6 -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/hxbwACgkQQXnnBKKRMNDlHQD/ZgbXyT+BpLLekWVNXpDchrth Ak5JDY58r4n1UxWAdvkA/A0mVVmObudC4/lut8eALOAzHFXPE1liRsUNACuEY1dU =gzt0 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Application Control Engine Administrator IP Address Overlap Vulnerability Advisory ID: cisco-sa-20120620-ace Revision 1.0 For Public Release 2012 June 20 16:00 UTC (GMT) +- Summary === A vulnerability exists in Cisco Application Control Engine (ACE) software. Administrative users may be logged into an unintended context (virtual instance) on the ACE when running in multicontext mode. Cisco has released free software updates that address this vulnerability. A workaround is available for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/hxbUACgkQQXnnBKKRMND+xAD+Kyl1XE7s35MmPSXKKRu8wCyv p1kEyH7KVtiqj2gBAcYA/0j0LhJpa77zHF0ZpOJbDrNwT1ccWUDHdr8jjD/yv+aP =UyTX -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco IOS XR Software Route Processor Denial of Service Vulnerability Advisory ID: cisco-sa-20120530-iosxr Revision 1.0 For Public Release 2012 May 30 16:00 UTC (GMT) +- Summary === Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iF4EAREIAAYFAk/GMvQACgkQQXnnBKKRMNDF2wD6A5yZWmZgCmk5x+RJ2mxIXzcW RXsu7/NENNspgbOJk2wA/RIJ9Fbzy+QZTRuQtg2vX0vCOhterMOVmN3Ue0VCzj52 =lCxE -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Advisory ID: cisco-sa-20120404-webex Revision 1.0 For Public Release 2012 April 4 16:00 UTC (GMT) + Summary === The Cisco WebEx Recording Format (WRF) player contains three buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from www.webex.com. If the WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com. Cisco has updated affected versions of the WebEx meeting sites and WRF player to address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iF4EAREIAAYFAk98YzcACgkQQXnnBKKRMNCTmQD/VY6JJbsShxFPEOhYw/LWLtkE yW4X11Smv2wub8CSMWQA/i4FPoQK9LFWzv6Vtskr7GvTF9i6RNOs5sffl+WilfCC =H8ML -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Advisory ID: cisco-sa-20120328-rsvp Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT) +- Summary === Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-rsvp Note: The March 28, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the March 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar12.html Affected Products = Vulnerable Products +-- Only devices with specific configurations are affected. Cisco devices that are running affected Cisco IOS Software or Cisco IOS XE Software versions are vulnerable when they are configured with RSVP and also have one or more VRF interfaces. A device is vulnerable if both the following criteria are met: * At least one VRF is configured without RSVP * At least one other interface (physical or virtual), not in the same VRF, is configured with RSVP Some example scenarios are as follows: * RSVP-Traffic Engineering (RSVP-TE) in Multiprotocol Label Switching (MPLS) infrastructures * Multi-VRF infrastructures * VRF-Lite infrastructures To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to Cisco Internetwork Operating System Software or Cisco IOS Software. The image name displays in parentheses, followed by Version and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 15.0(1)M1 with an installed image name of C3900-UNIVERSALK9-M: Router show version Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Wed 02-Dec-09 17:17 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in White Paper: Cisco IOS and NX-OS Software Reference Guide at: http://www.cisco.com/web/about/security/intelligence/ios-ref.html Products Confirmed Not Vulnerable + Cisco IOS-XR software is not affected by this vulnerability. No other Cisco products are currently known to be affected by this vulnerability. Details === Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A device is vulnerable if it is configured with VRF and none of the interfaces in that VRF have RSVP enabled, but any other interface (physical or virtual) does have RSVP enabled. An attacker with some knowledge of the affected infrastructure could exploit this vulnerability by sending RSVP packets to vulnerable devices. Successful exploitation of the vulnerability could allow an attacker to wedge the receive queue of any RSVP ingress interface. A workaround is available to mitigate this vulnerability. In devices that meet the vulnerable configuration criteria, valid RSVP packets could trigger this vulnerability. An attacker with knowledge of the
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall Vulnerabilities Advisory ID: cisco-sa-20120328-zbfw Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT) +- Summary === Cisco IOS Software contains four vulnerabilities related to Cisco IOS Zone-Based Firewall features. These vulnerabilities are as follows: * Memory Leak Associated with Crafted IP Packets * Memory Leak in HTTP Inspection * Memory Leak in H.323 Inspection * Memory Leak in SIP Inspection Workarounds that mitigate these vulnerabilities are not available. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-zbfw Note: The March 28, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the March 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar12.html Affected Products = Vulnerable Products +-- Cisco IOS devices running vulnerable versions of Cisco IOS Software are affected by four vulnerabilities in the Cisco IOS Zone-Based Firewall. The vulnerabilities are independent of each other. Details to confirm affected configurations are provided below. To determine whether a device is configured with Zone-Based Firewall, log in to the device and issue the show zone security command-line interface (CLI) command. If the output shows a member interface under a zone name, the device is vulnerable. The following example shows a device with Zone-Based Firewall rules configured on both GigabitEthernet0/0 and GigabitEthernet0/1: Router#show zone security zone self Description: System defined zone zone inside Description: *** Inside Network *** Member Interfaces: GigabitEthernet0/0 zone outside Description: *** Outside Network *** Member Interfaces: GigabitEthernet0/1 Router# The following sections provide more details on the specific features containing the vulnerabilities. Memory Leak Associated with Crafted IP Packets +- There is no specific configuration necessary for a device to be vulnerable to the memory leak associated with crafted IP packets. If the Zone-Based Firewall is configured, the device is vulnerable. Memory Leak in HTTP Inspection +- For the device to be vulnerable to the memory leak associated with HTTP inspection, the Zone-Based Firewall must be configured to perform HTTP inspection with the Zone-Based Firewall. To determine whether a device is configured for HTTP inspection, enter the command show policy-map type inspect zone-pair | include Match: protocol http. The following example shows a vulnerable device configured with Cisco IOS Zone-Based Policy Firewall HTTP inspection: Router#show policy-map type inspect zone-pair | include Match: protocol http Match: protocol http Memory Leak in H.323 Inspection +-- For a device to be vulnerable to the memory leak associated with H.323 inspection, the Zone-Based Firewall must be configured to perform H.323 inspection. To determine if a device is configured for H.323 inspection enter the command show policy-map type inspect zone-pair | include Match: protocol h323. If the output contains Match: protocol h323 the device is vulnerable. The following example shows a vulnerable device configured with Cisco IOS Zone-Based Policy Firewall H.323 inspection: Router# show policy-map type inspect zone-pair | include Match: protocol h323 Match: protocol h323 Memory Leak in SIP Inspection + The device is vulnerable if the configuration has either a Layer 4 or Layer 7 Session Initiation Protocol (SIP) application-specific policy configured, and the policy is applied to any firewall zone. To determine whether a device is configured for SIP inspection enter the command show policy-map type inspect zone-pair | include Match: protocol sip. If the output contains Match: protocol sip the device is vulnerable. The following example shows a vulnerable device configured with Cisco IOS Zone-Based Policy Firewall SIP inspection: Router# show policy-map type inspect zone-pair | include Match: protocol sip Match: protocol sip To determine the Cisco IOS Software release that
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Advisory ID: cisco-sa-20120328-mace Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT) + Summary === Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-mace Note: The March 28, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the March 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/ Cisco_ERP_mar12.html Affected Products = Vulnerable Products +-- Cisco devices that are running Cisco IOS Software are vulnerable when they are configured with the mace enable or waas enable interface configuration commands on one or more interfaces. Additional configuration is required for WAAS Express or MACE to be configured; more details follow. Note: Cisco IOS Software is vulnerable only when configured for WAAS Express or MACE. Cisco IOS Software configured for WAAS, not WAAS Express, is not vulnerable. For more information on WAAS Express, see http://www.cisco.com/en/US/products/ps11211/index.html. For more information about MACE, see http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps11709/ps11671/guide_c07-664643.html. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to Cisco Internetwork Operating System Software or Cisco IOS Software. The image name displays in parentheses, followed by Version and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 15.0(1)M1 with an installed image name of C3900-UNIVERSALK9-M: Router show version Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Wed 02-Dec-09 17:17 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in White Paper: Cisco IOS and NX-OS Software Reference Guide at http://www.cisco.com/web/about/security/intelligence/ios-ref.html. Products Confirmed Not Vulnerable + No other Cisco products are currently known to be affected by these vulnerabilities. Details === The Cisco Wide Area Application Services (WAAS) Express feature allows optimization of the WAN bandwidth required to access centrally located applications. WAAS Express allows the traffic to be optimized by a Cisco Integrated Services Router (ISR G2), with no other devices required. The Cisco Measurement, Aggregation, and Correlation Engine (MACE) is a Cisco IOS feature that is used for measurement and analysis of network traffic. The feature may be used with WAAS Express to give details of optimized traffic or used by itself to help measure application performance. Cisco IOS Software contains a DoS vulnerability in the WAAS Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. This vulnerability is documented in Cisco bug ID CSCtt45381 and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-1314. Cisco IOS Software
[Full-disclosure] Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Advisory ID: cisco-sa-20120328-nat Revision 1.0 For Public Release 2012 March 28 16:00 UTC (GMT) + Summary === The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets. The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat Note: The March 28, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the March 2012 bundled publication. Individual publication links are in Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar12.html Affected Products = Vulnerable Products +-- Cisco devices that are running Cisco IOS Software are vulnerable when they are configured for NAT and contain support for NAT for Session Initiation Protocol. There are two methods to determine if a device is configured for NAT: * Determine if NAT is active on a running device. * Determine if NAT commands are included in the device configuration. Determine if NAT is Active on a Running Device +- The preferred method to verify whether NAT is enabled on a Cisco IOS device is to log in to the device and issue the show ip nat statistics command. If NAT is active, the sections Outside interfaces and Inside interfaces will each include at least one interface. The following example shows a device on which the NAT feature is active: Router#show ip nat statistics Total translations: 2 (0 static, 2 dynamic; 0 extended) Outside interfaces: Serial0 Inside interfaces: Ethernet1 Hits: 135 Misses: 5 Expired translations: 2 Dynamic mappings: -- Inside Source access-list 1 pool mypool refcount 2 pool mypool: netmask 255.255.255.0 start 192.168.10.1 end 192.168.10.254 type generic, total addresses 14, allocated 2 (14%), misses 0 Depending on the Cisco IOS Software release, the interface lists can be in the lines following the Outside interfaces and Inside interfaces. In releases that support the section filter on show commands, the administrator can determine whether NAT is active by using the show ip nat statistics | section interfaces command, as illustrated in the following example: Router show ip nat statistics | section interfaces Outside interfaces: GigabitEthernet0/0 Inside interfaces: GigabitEthernet0/1 Router Determine if NAT Commands are Included in the Device Configuration +- Alternatively, to determine whether NAT has been enabled in the Cisco IOS Software configuration, either the ip nat inside or ip nat outside commands must be present in different interfaces, or in the case of the NAT Virtual Interface, the ip nat enable interface command will be present. Determine the Cisco IOS Software Release +--- To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to Cisco Internetwork Operating System Software or Cisco IOS Software. The image name displays in parentheses, followed by Version and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 15.0(1)M1 with an installed image name of C3900-UNIVERSALK9-M: Router show version Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Wed 02-Dec-09 17:17 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in White Paper: Cisco IOS and NX-OS Software
[Full-disclosure] Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability Advisory ID: cisco-sa-20120314-asaclient Revision 1.0 For Public Release 2012 March 14 16:00 UTC (GMT) + Summary === The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient Affected Products = Cisco Clientless VPN is a feature available on Cisco ASA 5500 Series Adaptive Security Appliances. Vulnerable Products +-- Cisco ASA 5500 Series Adaptive Security Appliances that are running one of the following versions contain the affected ActiveX component: +---+ |Affected Version |Affected Release| |--+| | Cisco Adaptive Security Appliance Software |7.1 | |7.x |7.2 | |--+| | |8.0 | | |8.1 | | Cisco Adaptive Security Appliance Software |8.2 | |8.x |8.3 | | |8.4 | | |8.6 | +---+ Note: Cisco ASA Software version 7.0 and 7.1 have reached end of software maintenance. Customers who are using Cisco ASA Software version 7.0 or 7.1 should contact their Cisco support team for assistance in upgrading to a supported version of Cisco ASA Software. Note: The affected implementation of the Cisco Clientless VPN solution was introduced with the release of Cisco ASA Software version 7.1. This issue does not affect devices running Cisco PIX Software. Administrators may determine whether the Cisco Clientless VPN solution is enabled on their devices by issuing the show running-config webvpn command. The following example shows the response when the Cisco Clientless VPN solution is enabled: ciscoasa# show running-config webvpn webvpn enable outside End user systems running Microsoft Windows may be affected if they have used the Cisco Clientless VPN feature on an affected device from a browser that supports ActiveX technology. Devices that contain the cscopf.ocx ActiveX control registered with a class ID (CLSID) of {B8E73359-3422-4384-8D27-4EA1B4C01232} are affected. The affected controls are marked both Safe for Scripting (SFS) and Safe for Initialization (SFI), which may present additional attack vectors when a system has registered and cached the affected control. Products Confirmed Not Vulnerable + * Cisco Firewall Service Modules are not affected by this vulnerability * Cisco Adaptive Security Appliance Services Modules are not affected by this vulnerability * Cisco IOS Software-based devices that use the Cisco Clientless VPN solution (WebVPN) are not affected by this vulnerability No other Cisco products are currently known to be affected by this vulnerability. Details === Cisco Adaptive Security Appliances (ASA) contain a feature known as the Cisco Clientless VPN solution. The Cisco Clientless VPN feature allows users to use a web browser to create an SSL VPN tunnel from an endpoint device to a Cisco ASA device. When connected, the ASA pushes several ActiveX and Java applications to the endpoint device to allow a number of features to operate. When a browser
[Full-disclosure] Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability Advisory ID: cisco-sa-20120314-fwsm Revision 1.0 For Public Release 2012 March 14 16:00 UTC (GMT) +- Summary === The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) contains a Protocol Independent Multicast (PIM) Denial of Service Vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds available that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm Note: The Cisco Adaptive Security Appliance (ASA) and the Cisco Catalyst 6500 ASA Services Module (ASASM) are also affected by this vulnerability. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the ASA and ASASM. That advisory is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa Affected Products = The Cisco Catalyst 6500 Series Firewall Services Module is affected by this vulnerability. Not all versions of released FWSM Software are affected. Consult the Software Versions and Fixes section of this security advisory for more information. Vulnerable Products - --- For specific version information, refer to the Software Versions and Fixes section of this advisory. Protocol Independent Multicast Denial of Service Vulnerability +- The Cisco FWSM is affected by a vulnerability that may cause affected devices to reload during the processing of a PIM message when multicast routing is enabled. Multicast routing is disabled by default, however when multicast routing is enabled on the Cisco FWSM, PIM is automatically enabled on all interfaces. The following command enables multicast routing: fwsm(config)# multicast-routing To verify whether PIM is enabled on an interface use the show pim interface command. The following example shows PIM enabled on the inside interface: fwsm# sh pim interface Address Interface PIM Nbr Hello DR DR Count Intvl Prior 172.16.1.66inside on 0 30 1 this system Products Confirmed Not Vulnerable + With the exception of the Cisco ASA and the Cisco Catalyst 6500 ASA Services Module, no other Cisco products are currently known to be affected by this vulnerability. Details === The following section gives additional details about this vulnerability. Protocol Independent Multicast Denial of Service Vulnerability +- Multicast routing is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to multiple recipients. Protocol Independent Multicast (PIM) is a multicast routing protocol that is independent of any IP routing protocol. PIM can leverage any unicast routing protocols that are in use, including Exterior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), or static routes, to populate the unicast routing table. PIM uses this unicast routing information to perform the multicast forwarding function, and is IP protocol-independent. Although PIM is called a multicast routing protocol, it actually uses the unicast routing table to perform the Reverse Path Forwarding (RPF) check function instead of building a completely independent multicast routing table. PIM does not send or receive multicast routing updates between routers as do other routing protocols. A vulnerability exists in the way PIM is implemented that may cause affected devices to reload during the processing of a PIM message when multicast routing is enabled. The vulnerability is due to improper handling of PIM messages. An attacker could exploit this vulnerability by sending a crafted PIM message to the affected system. This vulnerability is documented in Cisco bug ID CSCtu97367, and has been assigned Common Vulnerabilities ans Exposures (CVE) ID CVE-2012-0356. Vulnerability Scoring Details = Cisco has scored the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this security advisory is in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps organizations determine the urgency and priority of a response. Cisco has provided a base and temporal score. Customers can also compute environmental scores that help determine the impact of the vulnerability in