Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco UCS Director Privilege Escalation Vulnerability Advisory ID: cisco-sa-20170215-ucs Revision 1.0 For Public Release 2017 February 15 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. Attackers could exploit this vulnerability by enabling Developer Mode for their user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to the profile. An exploit could allow attackers to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs -BEGIN PGP SIGNATURE- iQIVAwUBWKRpgq89gD3EAJB5AQIH3g//UJsdf7eZW8Igzg1NAEAcGVZfnPxA3jlf wzps6+/z0fer3HbPtVFtH+Usl/RTQoH6Kg9e3ysZm9/UsYYMVMEBX6g9m8ICue0S dbAXmJC5hPtCmlHIO5J1te6KC2R+2uWt+6Uclkj+N/S0gj5V2KYKzsWvQF8rjUVl KemWygJshFzA5MuPWRNdXebBQwjHi6vhtK3rWjTQYafxSqpamjYa+k1AJ8UnlTnO yyVjURVlxh4P+KQizOMVg/Wi7ju/PVvyQN90eJ5/XHR2s8Fuq7xx0RsheMaLTTma 0hjOTkK70ckVVKe9o7XMBd+d2QONEueu503NUBbb1tCF1yjWCYBIn9AZvzY2CIRe /EhZxCoo0zmfbcOdKbkXnB3WnyHDX6Mln+QrS8+XgalDs/t/csk1fEieoT0VwZ23 BJWFrzmA56JfqKBJ4QrgpyNAeymkglUjpXl5w1m54AyCEgbr+sIGhoS6q70ZfkaK N9HRB4ORERjzVZ3YJsAHxp55Z8nYk3KIsN+ueUU5G+a01ACDoFzi0Mqg03Fs22mB syB0OvQwjvGBZjJE6bxC/D6/q2X/dCqdypdUMLwOVklyAs6GCzZTyO//dFQDMZXu Vpa1Lkp0617CBJXbH95ba07t7eEBQOXqNVNlj3JwO6qr48xSfw3rPkCsmv+0CggY FQlDeTuY29A= =W9Wa -END PGP SIGNATURE-
Cisco Security Response: Cisco Smart Install Protocol Misuse
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Response: Cisco Smart Install Protocol Misuse Response ID: cisco-sr-20170214-smi Revision 1.0 For Public Release 2017 February 14 16:00 UTC (GMT) +- Summary === Several researchers have reported on the use of Smart Install (SMI) protocol messages toward Smart Install clients, also known as integrated branch clients (IBC), allowing an unauthenticated, remote attacker to change the startup-config file and force a reload of the device, upgrade the IOS image on the device, and execute high-privilege CLI commands on switches running Cisco IOS and IOS XE Software. Cisco does not consider this a vulnerability in Cisco IOS, IOS XE, or the Smart Install feature itself but a misuse of the Smart Install protocol that by design does not require authentication. Customers who seek more than zero-touch deployment should consider deploying the Cisco Network Plug and Play solution instead. Cisco has updated the Smart Install Configuration Guide to include security best practices regarding the deployment of the Cisco Smart Install feature within customer infrastructures: http://www.cisco.com/c/en/us/td/docs/switches/lan/smart_install/configuration/guide/smart_install/concepts.html#23355 This response is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20170214-smi -BEGIN PGP SIGNATURE- iQIVAwUBWKMqP689gD3EAJB5AQIhmg//bOM1Zdt3KCjzNpQ2dCyOVDA8l1yM6h4w MJMUE8kqxUHKtKP9dCqDNKJt18XEWX1hOBNitiUqCIksaLDntRDjlkuA9dAayAHE s7zvlrjV0OWJ9gNjUAc7Kb8fhwQVf3FIBiuRciy14y+8WBeTBGejYZgdK6vax0BQ /uP16dlViu+dUSmS3+K79lZ+7oJUKJWEcniA1dmvT6Rn5V5asj7sy9W6CA+X9ehm kahOFeZJibnynFX6cDH1V7gvnWbo62PtgZ+NPkRFscXIlJhAYUOxFLOdF227GBRo sTvjfitx64uWVd2u3HFDPmFAw1V2dX86AlNm8P8Bp6S2+jvJ3SprZZ1j3+vt1AEn j5L5sc7IJpjCjj/JLxFI3iQOBZBnXQXU4XHxvdorMt067CijcwQbPYSM52oAdG8d Bemos1BvBt5q/yIUV/tkYchdFMNsUrPBEjma4xf3l4RQQsrYvDhbJRTVi/z4Tjhw fT6I3NHax2rxIc936l3zMXsPSPCbpjKYMWPA0xraIfceCi6Ujkm/0aX5Lxx/rAa7 Utcg/pMDFNpl+LWyPhJ1egTvRjNm8XDnIsDmybmUdssxjp0RtJHAUDyKlu+OKK4g X3/8i+Ke0XrYFj2aag809ykRhwydveIJ3BFoUp7HiiAA5lOslR0g7hs30WgTW5UK rsLWNm4W6vw= =4PAE -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability Advisory ID: cisco-sa-20170208-asa Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +- Summary === A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYmzrBAAoJEK89gD3EAJB5EnUQAJvwO4o8k7USSiKn6WOoL3e6 +xm9hU+un1C3En1VjHE+l64c5/INlNgMdqxU1ZpTIV/7azsgL75Y98XHCGRcdpNT 8eZkVSFdkskopqTzPhccHg98uP2PiKFbBYXiFph5hoVzzUEjfTnTdR+f4lqomGwp F4rgNpvfU44N5ytdR/wK/pOcmqvcqYA4d9FKHsjb/3uQqAqWoX6TlWWruAlu4kUt 0T/mPUvD9heTKjzSFIk58P2iUqpkSf33TxhAnwhv1UBsjZvOaXUH7kwEzfJjwJI8 Dife+6lOHzkSZJ5g/m/TDoNxDOu5DybrudMKf3KmjCPBxuh7L7/pEu1PmNHX3Gn/ 8W+dsKWIVCPI0ZqkGOgkDpkvdmKXskCH9gCtuaUq4B3teSaESulz5rHy9rvqieHH cwauoiNS8tonacBPOSwIAbCPFCiGM2MUsYXH+08IMbI+cGuRuTLyQCLLYKVG+ArE Pmshi9WbqrNJ4RtSaQ15jva5rkBjVuy3xhkt5yyN1GEQRr7MlNJBs2h/8u6/yKgo kr2WcPvtP4vcNZeC2ThKTmb09h6L4JzK67JJMZaORnIPigdyiY2vG7KvU03Q+HHI XbTeH/dgDTm6EOT7575/I8jegwGAXFqMZGxDyBIutJHviw/eJCjqdenrWZn+1amn i3VqKIeVzO2M8CINO026 =XUkg -END PGP SIGNATURE-
Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability Advisory ID: cisco-sa-20170208-anyconnect Revision 1.0 For Public Release 2017 February 8 16:00 GMT (UTC) +- Summary === A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJYmzQYAAoJEK89gD3EAJB5ShwQANzEV1txdm9Sb7W+5YB7jt61 bkfUi8XQAHxI0BavOPY5DOwNAdAzqVhSXPyY6PLminlCCE2xoVd/+xkXVZjs/3bW 1BEZPkc408L0TCagT0JMwKSStvvKqyOBMFAblgOh/OtRHI8Yfkmxz8xEE0Zyx/oq KCcHwh9uiqBjPNTIos/oM7gf1BwXO9HW4NvsvSNjjS+xhDbEsf3Rev1lpHJdiEic JqFfHqgVs7mkd+A5q1MIINo/rSoAXu3Qu4oyNs0IYzQi8nr1DqI64hhSGvapp5qe nsy7ryF3WL5DfJP/GGG6WNZfQqDA/HU+Wsh8fdeoExIRAhcsKK9pgx09+XpnEpv9 +IyLp6HcjnTSBS1LATVYGfKTk7LOhOwpz3Dr5yJUxM2sD45/ZRpDaU5HfmN94R01 6to6XPcXVYEqQNfXi2EVvlgdcE4vbI0JygDS/gWLeExNmpo1LANth9tKNj7BNJOp 0AZvThX+sG6wJhaVxVP9fOJ+CznNa01RzLkinBjPXcjCqL4PH+8kJfuEYZOEPhy1 1XcCdyW09tpkL1TzBQNFC8dBHEkB4Zq118oclgfMwjA52Gr8bBh35itdxgQuAzX7 obNZcuqk4Ky44gMfPEjgcj9Ku2CxwwY0igrusE1f/hWgjFaATHYiDkn7G3fwezfp U6hzONkgWE1mKTsm1oIq =68r4 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Prime Home Authentication Bypass Vulnerability Advisory ID: cisco-sa-20170201-prime-home Revision 1.0 For Public Release 2017 February 1 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home -BEGIN PGP SIGNATURE- iQIVAwUBWJHyOa89gD3EAJB5AQIIsBAAzigHM2b3CTJ8/YbZyE4MF70eF0rWHN6o pTOK5kZkKgdqAVruuApy7SRf/VzEN+DzifId1oYiWG0bTHjUcxV3hXq59IN4tHbD 8o5TUwc4rqRME/MS3bts3NeCl+xBvyu/uCuDWJK5ENOA29aMMe7kifJlmgyFhX3Y ywSqS+6g5YdTi7MDEgId7wZRXFKBpMimU4vhEdnaytxmQGtCIi6UGeO673bUUBDA fhU9RYktiJISwOP4l06Q+oMcbU5Kw3A89OMmRiSnBe34piDLhUHcSW5UFgUfvU5l b50XuomRS5h/dteP+A+SexFai1szYt4v+Vv5XF5R4Z1BefmFSqcobSuu1/BrMTuD kBoQqZhe92SHhDs7MVqRL12uT4v/h/saAvEZy7EO483rZcSIzURFkwg5Ft8vsK02 3h1H+AmeYjedI03cfAxsd8NJ8EbgHeLwXOLgTNfiVS5jIv9vrB8gNey7yoXi6iOj mFo+pOysoMI66R1rtkgDQm2vLVqOI0+xUlPa8P94N5MWKF8rFsa9bJkXR0/kaotD EHI11ZaQIsP/E2OCK7MHymnmbkNl42bWghLIMXDVmlJ79oyMcjcCQAU1DaTJAu0l j03VX9FOqLmSwX3vslCUY7Tdgp64I5yTTUZ0n3bP9/0K5D0ISt9XaQwP+4/BwDAG fZECne7i/l8= =3ql4 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability Advisory ID: cisco-sa-20170125-telepresence Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-telepresence -BEGIN PGP SIGNATURE- iQIVAwUBWIeDdK89gD3EAJB5AQI79RAAplmPBpkFRYb4q6MDIh+/vve0iCnqG3wr 9jBWnzBazufUTII3085vH9snHmZjw2ffliVNv6DsWVXeouuxKgKHMi63dHoLmOTc wvfAGCY8Ag9ML9or0ksOgeKcSq4qgmVqZDN163CvFtG/bq2W1yNqSOeNT2ay00SA Xe0mP/lzqzgI0V7kw8Z3JmGq01sOOgTNV/RV3f5ZQOG3JpXQUuto8YfDwug3F1sl JnNloBK2DNi5c6PzopqH2nYgWmOokv2VsSZchV7dZHHuwpL4yif3BY3p6SnZm6bc ijTI2RhAfGf8NMMkGGoj/qYWn0JgzUEJ0sjPnpEmk2wo7YrdiABussvQ7HhHjaIB 3ayzYMoPI5RfMXiBgFgz5Y0YSJPj/WUNEMc2P7uzWTXq9WHEI26Mpp9Abc5w/lYC e73xzbLwpEqCMwhNtjPCXZizG7bkOUeNWQCZv7SzRPB2vFpHUOGqUlpjHN5hygfk 576+N1nFcDcck6lpYGjuEcvbHQ+uJtQgGNcxm/8HHtApG44OFrN2lfy3nRolt9ib hngttXqZjvW8Z1TAwQmohzaio46lNlLpBbHj2lsT0WeluP6YTbGW3hybHqnDDui6 Nr6hmdyGkCay9zIvPwRsisDUOltu2x3RU/cAPFvqk3//fkyrCQ5b9/6o/qh+MKZN SLjZF80kyW8= =bl4y -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability Advisory ID: cisco-sa-20170125-expressway Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-expressway -BEGIN PGP SIGNATURE- iQIVAwUBWIeDZq89gD3EAJB5AQJoOhAAm8pNabl5Kr9d+LAe4IluOsqyeHf2gMg0 drcfsdA36rLpGDHkjNrY8bLkOpC1CG+XM0DNTcRztggya05W4EiI26DmFyxlIWyR bVI6h5VcTO4TpqNRrIYq9+iqEV2oKKTLNcBn5YCS0qU2dwGoN882cFoUsgKQcnCj etLfzRByCEpAye02Lz8bZFRuRdPe98GCqxo7mSnZzxQNtiUfN1LfUvlryoeDh01J d0oDQy8fsOtoKfWJi6DtZwZO79ySJ3Z6FDp03Xd2OqJmWNCMfYYkmzKMrfMI/Jyo l1Ze70epM9SJyxZp0h5dsSDryCMQdBvdwlhQuk84Dnu1hZOTcM2d88KhWIEpiUGo RcVQsAHMMkqHZYz14uy1bRc5Y0QxRu8WooSVQsDofSOJD/p33aDGudgnPZwyEvQQ V2w5oQ29jEiInPd+sadpBUtVcq2/EI79qJK9PaLmx7ML3lZmKynXfwCyWbS5o91q orsl7/+/EH+ty3VKF0c6x8n5tnRMTEfaD+bL7akjGaespehEL7t5qQiIHIBxWleX jXpYh5NeoVPGARMoQt6KtDsbjPY0I4nVbb5kTRoKMQ/9kZ3H0FAwxUwkKAnEVt6C g7USmB32lBaSCqnKAuRzOVz8bSy/6rdG9Br7bTZ8ezQatOCZBgmu5cBZ5yNVTxsb aifANu7jBdc= =fBku -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability Advisory ID: cisco-sa-20170125-cas Revision 1.0 For Public Release 2017 January 25 16:00 UTC (GMT) +- Summary === A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas -BEGIN PGP SIGNATURE- iQIVAwUBWIeDV689gD3EAJB5AQJ5Zg//a3dCro6pWqKHfveTah65APzs2XpMIMIk 3D7dKxnm1d6g0TKOI+lGcqDlgTnApDGJNAtAxhYqFN+w/RofPHTY5FzRZHzoikYc d3rWZkPmLPld/WjdTq+yHH0yFC/fyjYE9jFRD96uV3AyCWJZbX3931mAotJp4YKL McteDcw1tzZkoR5uOmbks6pzBbS70ZxYZ6o2fz9MhdIbBK9OfMp61sfIRGF/L8n9 Jbyc+Boqru29lTjwmWmeMq39G+gAm6QQxTKA0yiIq43RrHrDc+jGCW3jXQ58ptYn geG5xQngqWSI/0/2q4R5GHmVXbprrWu4jvdYcM8z9FRi03wYkivMbLjAP0k41oX3 OQOIsR0frAxtAhmjQ62njOMbmWPVwyCxr+NKacQl0VfyXubiyGWVsM+APu3Kxowo hlCKHnV+J1/8I9yx8rqUe8kqdoNM9edMUUC9M2DP5oscG76kP9sIfu8ZujHxwmsd ehp64NTrYfWLDLvlhCvkSli/74wfC7fjou/lLatqZd2l9Q17wBhhd0/Sq8DMNw6U 1NZgT/WKDq35nOPwmVYm1JyClhMx0bmbxCGwRICDTjW+kWZKQV16Bm4lOeHFKoPq LtS5DI8l4oJHa91g25BIkEP3A5GH57k6drPi1UaCaXPO2Vk2/ea04roPpJSY/g5Y 4PRK9X5DKrU= =780F -END PGP SIGNATURE-
Cisco Security Advisory: Cisco WebEx Browser Extension Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco WebEx Browser Extension Remote Code Execution Vulnerability Advisory ID: cisco-sa-20170124-webex Revision 1.0 For Public Release 2017 January 22 18:30 UTC (GMT) Last Updated 2017 January 24 18:30 UTC (GMT) +- Summary === A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks. Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex -BEGIN PGP SIGNATURE- iQIVAwUBWIeo6q89gD3EAJB5AQK3ow//aUWUWxVoRUzo9hxvdE0dquUjKAv7/suF XG8uxNPpZ9xfSs988E07Kt6uF5sJu4xl8YaqYWj0L79jxs4o8fUmmzyFInJMZhOd 8swAjuz6ihVTe+Nj6ahcxEoRRbkNYt77YZAg4m8ngM/5r+QSZRSw4nVpOvLqP9Wv KBjbDVhVMjJ+eGBOEJhfCD8fdXWVIe6RvP5jj7RjaCYWl9yrSFsfO1ccysoCInNk aXKbEwRXeVc3CJHqzg0GUXXnJLZ0jQv81bAGaieCt8eFTjbyK3zghHOxhFK+IUJl ol8ARSbrUpBL5/wSodhtHe9+IzUjiYIMnWiJBLrRWHSi4IXuN8PYOG9cTIaFVEGO QIf83/FDVe+Y5WdfvMwQDDOnQFe/X47GllPoiG4aPouuc7XcbbdZZxZm2kjsdhhz 85sh+VX8giL4u2OOqLSDlLuThqwMSt+1jeq7El/mm7LemNI2y69JUORthcQvOBXE JGiaOfJKc/hJIypyWFzB/eaCbv1cdcny6hAtDIXhyW6AgcNBoTYAIyRiowrgtzWB 3z9yAlFklWKqD6x1zHXEPn8HYSl97oaabXG1yq3quEMSufXT9YsAzElYPBLxUs3B B7z9mpLgdp+5/rdnpDla4ToNYYb/21f2WqDRHAS2FKPhvhAEwt8fBFiulWKBXQaz 3Fpq3hxXY4s= =dTTj -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability Advisory ID: cisco-sa-20161102-cms Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the software does not perform sufficient boundary checks on user-supplied data. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted IPv6 input to the vulnerable function. A successful exploit could result in an exploitable buffer underflow condition. An attacker could leverage this buffer underflow condition to incorrectly allocate memory and cause a reload of the device or execute arbitrary code with the privileges of the affected application. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJYGeeYAAoJEK89gD3EAJB5YUIP/19rgJYyhtMGclvuJki2GnmF 9Wr6KsfgTHZI2uxWOrd2GL8kLt3a8roEeLxY6T7d3aL4J3e5oKTf/eAETuaHsXnA NG1RknOcOn9P0iAY8Hr5UjMfZcIU27EfnnACqclecXbNiH1NWD6WPH6r058041Ib OXW0uTsBWNnhgFTDPuks6rCKBibbKiBYJWi6hFqqhfl7dabh7e4sqIZrR1PYZ1Jb RjfPd5NhD2ksUAeRxuwHD4hGRLQZS5Il+DdpbJ2N7JzhpaMMv6EfevqhImPCe1FM 4C/sjBNbBSYlzwdoVSDwoPLTOS8NJWPK39WC7JB9Jv5JetnV40t0gCvy1AYnVedF AoKnnkaDlsCN/lzW+js5YuKvOV1hRe+r/631TV3VWuC7SHDJCoF4tD8s/ZBugE6k 8xkN23AlsCtgP/5GNUSH4wBOXaidRTPKK5YjT0hsIqV29TYjx5Sn3BKsjIrVqB6O sJDPcxe1p/IbNL0ZRiTnsiPcrZM5uvFigyzSWixT87rfFQV4cawN6VRmjZNxZgCA NEsqCJbXRANreYD840FWleLaw8VCChU2qms3lz4k8GrLuBzZg1o+2IXd923YtCOZ qKp5szHDoPhrxLMZRL7aC9rajPv7uqQQrNOO1FMC8RRu13uriQl2oOzx7WkhZTnG 16o5lSdBYGKg9HouNE3i =m8l2 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161102-tl1 Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +- Summary === A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks on input data. An attacker could exploit this vulnerability by sending a malicious request to the TL1 port, which could cause the device to reload. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-tl1 -BEGIN PGP SIGNATURE- iQIVAwUBWBlmqq89gD3EAJB5AQIECBAAg/G8Bb3ELSIv8KeppZZNvnNuZu5+JXSS TzFdDS2jpr9gC93a2+lkuSzQd4JGRf52u2LGrGSlAE8nf9KQOootz297+N55211t huxuaE04Xn+Wnqi+HMhAN7i/fAqPXvy1MGdwuDs2j7SjuoKXOBpIjyPVbAflI8zx jX6TTV/qBH8FYhozONXSAtxC5l3KT2IkCyu8Wt+fsCmQgnWEBR5lnKVmWOyX7+sm +/H2mvrd+C8qJnNmIvizDIMSIMRLZXCRodyTGYcQqmO9Swaiu5ucIHcPe6oVSJvh 68SmLD0W2YAxuXkgX7Pr+hJh4/oN22jRNJkrYWO6Niy9mNEyJljp3eGWKMpbKXK7 Qe3DHZ5ILjLD7hzoUTZYIBhHkQvmJbAbXMuuIrGDxKnIqS/1G5q2nCoC99Qb66IA +mOoY/eehJUOFyyfX56NtQuXA5NLrseHWVyGtecLzB55nxqQ+bpvdkYDjV/7fUPc M+jgtTO1AhNkqT36Sqr8x0R152L+j6LxBbhT7DGPWjywmleHBGjqRSqC6nfRV8oz joTb5MScXvUqM/oyAO5F60A0eHjY2Y32B/ABe+GfHqtnFFiyUdofWgtpH6QPETbO QTg5inydNDrqppAA+T5JG3LZJpSn7PuIJ60HWFSirmgAgpHXhe7yCi2+X+6y9Fp/ S0Sdoo9MXGA= =leRx -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161019-asa-idfw Revision: 1.0 For Public Release 2016 October 19 16:00 GMT +- Summary === A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBWAeXoK89gD3EAJB5AQIM7xAAtE36fCsdw/YaV7kg5vvMiKKs3fkhJP9M 50LT5WmbzGWI/61a3Btml8Sge2v8ENiiCQRAPchEHoatnvhttNhbJKjOLvmwme32 urq9OC0VXkTDXvEzQUEbUgHNVJgIx0mDPEbrqmxtqIOKGR0b6FqqAjz0TblRVj+T vUhkfsotnwl5/56gxzVgn+9OHcFHldeKINN/Z3dPKkV7Oz1451US0QtAx3vpdbqT hL+sMS0HYI2z4k+GwMNN++0IydVfzd3gOIduXh3grJVB2oF+TzUUUfet5lVMhXaw LuoNcyqA+33C2B1PX4JPvEREARmej+nyRL0csuStNMWZfNrnim60I+1BzvOavPSF q1diCQbWFwCwOGKPbGGicnLSXcovpp7+hd6sMbU6hiJNd8MDFprZRQuo9KziMYVf vUwJjZZbGu9HSV6AXsSebC8Fg5gTN5MrnvuNmo5WXzCDEeCr1hGSGnLmbEAFp01t oklp2lkPYq2l3kYdhJuVcMIYZpy2uvwPh7EHZQf1DUSajn8sA3LzuiaKFmdkttc9 f+j6jGjpmyA11Si4ZSGLo77+F8HO0VCrkwkr/Dxd84vSv/ES4xXr09saUV7N8As/ wvxWUhqwMl5XyS+Apb3hhnKZ/FlKL5KgKZ6shZMMy0hlqJRXYbfrR/H3ZgyppVpP i6tdApTzCbg= =qYCF -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Meeting Server Client Authentication Bypass Vulnerability Advisory ID: cisco-sa-20161012-msc Revision 1.0 For Public Release 2016 October 12 16:00 UTC (GMT) Last Updated 2016 October 12 16:00 UTC (GMT) +- Summary === A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability in some environments are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc -BEGIN PGP SIGNATURE- iQIVAwUBV/5T1K89gD3EAJB5AQJXixAAya7sQ4U4yX6jUyZlGvudqvto/qHd4gj5 1KCqLAs6zo1xQ2FckY5ZcSRCmih3ePR3gn7MMa3hvyaPRrBqqIsStRcsbxgWKK4o b3z82O3Ff/texUaVCGcPjOlW3Dyji0YNblq5WaNqoNyTDxHRsoF0q9ZfRCPQ7px7 ixH7sjlSnR7M5y8Xvx0ZHPrgD3dh0UFdBsywM8wWKAwMRMgnOK3R8TlbmvRNwEQu JOjdiIjgiZ0f0mF4aqUNwSzkBbSBEZJ9PbHDWBfxcFnUu06Bja+wRIqIP+iaUFUB RFZukZ19hPjbuIb3qeKOjpbvOBWdt6w+LGmaVLAvQGooFg3at/LhCfPjjKkPZxfy E2kD2YjkI1iKbVU79qGmZZXydUp36Ec3uLQVKZJV0vYyg1Frrgh1NXBnQjjCJq1+ +yA3PB2REapoVF+GJ8S5Rce/xYuIh1BG5WMHDGtGKig01e34nvVKHaDVxUmvF/bu Ldd3WyjJqd0hueeVeAMnogph4Yk9Q0g4WugNKex8gmiYnA6RVe/j6W8MUWLi2vb6 4wep9961nqk16hOeNhNGO9CU5NXNj2hPEMBwgcsA7RJDMLEQpuEmBpuBzxl17vya vEdt/RQzKTho23POnsSpyucQ5TbXsiqtHxzN2lke9UH0zNKOLJXo+y0b/EElWSAC AnmG++lEvcw= =Y8pC -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-bgp Revision 1.0 For Public Release 2016 October 5 16:00 UTC (GMT) +- Summary === A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer, or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. If all BGP peers to the NX-OS Software are Cisco IOS, IOS-XE, or IOS-XR devices and those devices are not configured for Cisco Multicast VPN (MVPN) interautonomous system support, this vulnerability cannot be remotely exploited. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV/JmXq89gD3EAJB5AQLJww/9FYyD6RKmaLKRJHLCSs594In2H0xpguNI WJS99FG1u6sffRLuM9lI+H38Q/cNotU3Z1Zd67goXppd+gLiSi1hxoEJkk0ogb35 mttvlDNkEwP/0P9O5dfLZTebdZHE+udmp6+K1O7S1y3yTYWb758Ncoy+WDflcnkq 7ecvygPmQH2FZWcG+j5/zJJ7VSUbcqd0lpf+kqvzBpcxSfdXMeDaAd++oSycmzS4 VuBQosYsd5Ee+5tpA60WxBKVl6wMB29xq49x6YH/CRmA8EjTg5pzxYaoEvaTaQR5 lwGot9WYbqZpwqEZthipOR/tY5ADsC25N923Wr3f1yq2X8w5hyL9rVtXpCO38Dci +1CdgDS5wHRxA5HmcD4kUIX50hAXShXarT14qj9lc+eOKL1Ge61txg76EAxDmsCp qa/IfbdQYPWN+STfG5PO1h3rc0zLQRWQ9Y0ogyJ6wA9fGBMnBmY/mQFFuzJZXQ/b VIs/U0zs/BrHN0HQNrVYGJ02kZrYq7j+HmBeYK2RwEH9MkQ3w+BphmYhoy+nBx41 F5l53CI7hdaVTMcP1M+pb9g2P3NoVC1JfI9aKwGc46UEMh8ZFgFRcacnowtTdWbF KWlJ1yFmoPycxo8OwAtzPyA61LDbK9MRAttaeAwp+d5bIBope/q4StMb3bYIML4d tfn+bcAL/SA= =rEVW -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-dhcp2 Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5MVEP/3Vx+EYmJR06nN7u3bJ09QcL rCM8WkIN1l65nJOsefcneDlPoLDnob31KznL81u7gXtXuOptUD2sT0TsDePwKatT otvhVQEu10tzOmDwStDjhNO6q5fsrExFMrdD/GwU8ZSWUlffWfMT22Ov4o31qck1 rMtE5Qs7G9oaSVNA+CkXcQijdhnkgBs3C51CumSHB1R7HkZcNJdPU7bOlU5lgb9p 1kzg60E4owVThLiGoG9CwBYoW9EhhkiUQCDiPui/cyp2SFuUeGdcz+hpX48Uf/0+ /2t2cqmibN44Yo/1NJytmEam4HhjF+rpPZBO2R/1/Woggh5id8FAGFmg2prcyM8Q 4/o9PZHFI61UrXAFIHyvEJGdrU5hCrGHaoOZMoY+TwCdmw+bvvYjGu1uSzK6An0L PDzJkLVSwogr16dECgESt3BEA819it9r9M87c+oRp020aniWZnne39xuXnCA6oN1 3+183bnFKYpgdYrlDLNICOi2MdWsEAjxPFMI/zkHlQtqus4vkuWtSPkiC6+AlGeZ 9z8YEbpjFhfZjlhqnXd9jLNQLAxFGAGOcz3vndjNsIwLQmaN67+EIbtt30lxJ0Bq JmtrsojSOx6VsH9JigAOxznLzF//R4reNopiVZqwvIAHpbE3CXjSmmp5601QPVK7 nsoocohg8L6C9yNvdQSU =jkG4 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20161005-dhcp1 Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB5aJAP/iqU3jgnj8/ZfH9bDtTZzo/J lgymui54AgbK11rUmqDyzsPctHTzb/RONGNvozEMT29MgTw/5YKXGdEEdJpEcTRB n0btkc/5HJM0kS0wICLCQgwNdlmj+ERYuNIV8q9VwyPOSKoNQy/kKt4QRyzc2lbI E8nnrEyZZHYtt/eP7Ltgpy2YnXsP+ejzc8jPTYQXJiPById/mOINSjo+iw5Pr6O1 0L2De/WsiDHsWyBnOlljktupLWwxwVSNIYGO6nibMc7R878oB7MQs5/OymQq1CGH b2ed5nROf5QtFdo+pgRCjXw/87j40BNr1IKcCd7U9fzvzIGxF5JxDQ8lyzEJ5N/5 DOOlfa0CtQ4qwaP6lwOsO1mNrUjcNCDugmICucNo01VGyAReMLy+4vQBmD9AkByU cq51vQXe5C3PyU4quaDK15Ix1DM5Q3FJKRyaJ+6ScA0I27L9BSel7XamI9+IrD3N S9VKpjcZvXSauwfyQlnKilBNiQxbzQpt6a8UcX/EOx/sEu+G+fa64gPRcdi6nTKQ RTj+iqttSRJujQqYWVB1/5xK/VhNu3T8J7KssmS/gFXxmpCGebZLNT9ooiQQk2UY a6gaFcsNladvhr4Y8nltV+jLpCal9vD8og7B6dd0EU8XMvUxTTftP/xJANNghCa4 ks2Moj0fJ6Nfk7DYr8GW =uwR9 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability Advisory ID: cisco-sa-20161005-nxaaa Revision: 1.0 For Public Release: 2016 October 5 16:00 GMT +-- Summary === A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affected device during the negotiation of an SSH connection. An attacker could exploit this vulnerability by authenticating to an affected device and passing a malicious value as part of the login procedure. A successful exploit could allow an attacker to bypass AAA restrictions and execute commands on the device command-line interface (CLI) that should be restricted to a different privileged user role. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX9RRvAAoJEK89gD3EAJB50dgQAIrB5QpyIh8qhoZ2M5E5tHaU 8kp4One/3FfMzgACfWpMGR51Cwuz6janS3CvjsXdVv5G6NNlUmQr2DTq1/WOy18+ ZLPdrDUo9CCwOxCm8Xg4dWIud6KbioaVMTNdC5Ut7OvgkjxWkjkBZ2ZqELai5G9G eZQ13hvNmUvNt0FH2Cd+fN+jyVv2Q4YYtPrwQ5028vSn/eESfxXi1/NZq5v/Qw9c YYEonqDugjCEj0i3YfQU7gfSsOzSdZ3BG8l3LAFr4Ciw7yETDdm18oSUWM/D/1gf O7bqpoEZ6lxBNEumfSJG/HHVMqVvYrORjmy4pSbtHq7gVCigqNCv7Bh9LaWnoy5g E2bunRgPR1dtp+9a9mSFdrhyNYI04Eg7HcIcLSaDtdAHJVTNPJzFIZLF11qGpuQv Fmy+F14rftAt6jOmuuBbYKh01bK+nfVSMATy4oLh8eCoxjwzHigbYG9gz3Ma9xEg JZn4EytMq7PHeU8rlUS6BaeG4/SZJ5y9giXRmwFkkKtdXRWIIK54KZalYvgjz8GG /5NqnoVJvL2ehr/c1E8c4x0XKKwkCd+6MwzXXfR3rgyXa35wLl7vbM0jI+RfJybS Qiw8wDZ44v05TP91vxz6q/bh0KBUo+A0PmU9GDqQoJ5xAEUeYl5K+ugWGKAauDKR WgrVbP4KcUSdQAj1zgZ0 =NOCy -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities Advisory ID: cisco-sa-20160928-msdp Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol (MSDP) and IPv6 Protocol Independent Multicast (PIM). The first vulnerability (Cisco bug ID CSCud36767) is due to insufficient checking of MSDP Source-Active (SA) messages received from a configured MSDP peer. An attacker who can send traffic to the IPv4 address of a device could exploit this vulnerability by sending a packet designed to trigger the issue to the affected device. A successful exploit could cause the affected device to restart. The second vulnerability (Cisco bug ID CSCuy16399) is due to insufficient checking of packets encapsulated in a PIM register message. An attacker who can send a malformed IPv6 PIM register packet to a PIM rendezvous point (RP) could exploit the vulnerability. A successful exploit could cause the affected device to restart. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB561YQAJOjzfSJejNp1gjlewhIWplx q16B1gGQVWYLquXpaVrvVvelMZ7pk3JD0zrH2MVh1s/TUNEqtm7oJutt+KWAqoNU Z7m0+uo/wE8S8AOmZXR1tu9KY+z8sFQp7Te1UetXA+S1F6pz0vy9OhkuwTcZNj/M SEr30EodtSLpQMC/MktE5gnTB8Bw6hSNYdDg9Q9gLpL9tc8466rSCJ0iM0L+wEYD 7eno/yufeV6KpuabR1tCSVgvEdU/Z5SSWspbaRQbFdgnQyN+Kux7sZ5b4rkhGd0G SW0GjTkD03ITVlwoiVhIdI0VwA6A8MVgfKRTEqWeNGvwQOOrPUsI5t1u/OW2quqe oCihEzcVIthTpz1GiKoetpC3mtzxvn3kPRrCNZ4ah4AygUSMGvq4hmwxFvX81i9s iFecwbSszNLHeEFhyOt8yaPiYpB5w4wmSYGztr4KVWs4pPWKVgrMhpqwqDd4nzmI 5g4sh/AJdQysHznUe5DAFCfPDulJkylZN4MgVQ+pd1RYWvrjTrg5EeRfVhAryiWh F5mTAGLuESO8QIsk/Vyk2bDcw/sfBcwcbGY6yb+7a7E7KMCllqLzJhI+XncbEyxk xaJYIbWbofJ46hWqGTz6RHDMjeWUdojruymZmvR+a20cHHT+qCAA5Air7JTlatr9 Oj07cuVQbR2OI4RUrH+p =fO6P -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-ios-ikev1 Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. The vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1 This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vstAAoJEK89gD3EAJB56nIP/3nkibZCUPqC2Aki8HhkABUi CsKrKk/a/eG1Y+4yGM2pFIfUwVXUX8cjIus14c418CxuePCNZf/u8WcNcKnd+QNa WahXGn2krIlas7g8kJP8Pvk8nVyxYF10nR8MPQDjCyGXmuAbRdkuPUjEopDkMr4R xabgu/jL7M+ZEfnwbGZRhq3jMBiHxKhOSZO3qDZYKOMB3KALQBPL4GiRGO1eHrzs F6ZE6/l4d5GvtiSeD8WJ1A8oY3gSo6qD7VZcnDq3ZvHN2Elnc9WRs28CN70eh+xz VQDN7+Vm2GqvRgRSGtypk7vLmaeUnZEXQ5jpJHQFgTnp7n4elVH4dC2DmF1bYd/m M220xbScBKvVjjUihQechgTsINwkBbARAnuTlN+IL/2FQqF+XEmSMLzEgvTMD/gn aNk48i8Vx2nAPd8lzi5Ab2mvX14ss/tonnz6behCd5uqKU0UZ18bUEqc2haYAAM4 iWiE4K4SqorOHZwcpWSsJ7Vs72wmXRYnxzD2A2meTskyLQo5cJP6eqkK7Tadqf18 ao3Ao4hdVbkRVEMnhG9N1oVB5X9GAIsUMfeWEA/nKuomLLO37NgDEc8Rg278W6og SH75yARDeViyDQg7+AlZnlJlB82+ORgMlsJFBUD3hKhCQYX4Ou3GU5BccPxY4KAQ oWNuau9ap2FXdMVrW4gl =Ku7Q -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-esp-nat Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of malformed ICMP packets by the affected software. An attacker could exploit this vulnerability by sending crafted ICMP packets that require NAT processing by an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-esp-nat This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55ZkQAK3+Rm0PWnY7f1hzQe/svkhg lh6oi0Kg7UfdHcBpqMd3N/zYTePjD/DTwbGAV0vtgMhPGAEg0Q0L90GE4H5zudgU FktSxr15lKSXpZFooUjQFUSKjqTgDoxV/l0LGy/QqLx4kILHucQly6L34n5O4v1q OdrGjMKzGlG2AIxZOK9VL1Cbvh/XdXInmiOTfjcJrxJ+MMGtK2owJVo6n5jmiaIK 7gIfFdZmI6ODKX47SmRQRe5QWj0pB37zN+RO6N2tN2FHXu/3Wyt4O0SAvbCHhcWu dxRZRhcGUb97xHAJnY5hGRNP25hecl6blq5LLE8vt8G1IIMZGaDFVk+fu96IZ8EC sNgcX9McYdlKTfGfTcgVJwzBp+sFHgrLZngY4xOMKOCKssKT44kO7/WnKVu4jyeQ 2jtaWm9s46dbXWm7poqy4aHlP7tSC9miZXyR25yOUSJqWSyhFRBNsiixuw3ocJtT oBm75amZwqNbxZAM4MdA4h4KCfzM/w6WtBGNr1sGzoP0E5oKrSgKLIpYV6QE4916 lq4GPn7v3wXKIoHNskuNivnAEKspn5qy3RkJ6cdb9HfFrjyq4ylXDBiwsG2gzCoA 7sJRBxRTe97iDwI/33BtFtYBtpwbHlnD5+ldZb4mRjfKUHPJ2jzgRo4WEvRoOW9C 0dgRoK3Me1LL/+ULExyS =OKzi -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-cip Revison: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Common Industrial Protocol (CIP) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly process an unusual, but valid, set of requests to an affected device. An attacker could exploit this vulnerability by submitting a CIP message request designed to trigger the vulnerability to an affected device. An exploit could cause the switch to stop processing traffic, requiring a restart of the device to regain functionality. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB55BcP/3jsgDFYqZpxEZUO2ZJaXn/I cgITUamc+GyA2e7GSr6PEFqH8IY2GjIqw9+yeJY3GLbI5yD7tr7W0ssZHR/8zKlA Vd2Cii5IPb0MScMMD9pr4jVzEDH8t3HbBIltM3/3v9Xhrf6u+NgxHXb1V9sJpXOQ Q+2FUNsnPHq0xP1/ukdL+NkO/Znil5HasxNlCDSQHzCEg3+Gv6lUIXsCd3fdYeS9 UfWwXTEM3/2cPMC2sNst4k59T6p9t5wC010OqmWkkyqy0+poyWGmqv8upX7iwq+C Z+RprABHZh5lJIrk31bAJRTdRpe1iAwRQw/FBU3AkxTMZpE1JiDOPqEKXpvIm4MF UKCBXKibP1TAZnpa/Od59xpeOZ7lm7Iyr5J394s+ke1J3g8avbU7t9tglIYuBkCx rRbcik5osYpRq0Fy7YzAFNb7SG4RlrLjunU/A/ieDMVTyQ+areRl0vdd5F7Z0bDF +fowEopXbgFTWl1FdKFXa0wtwnY+YDYKYzqUfLYeeyLjxNWrj52HVNA+L5ICd/N3 gyBgbDHnLvBn7WlTJdlW4DATG/hUyme0vZRWnIH8QDR5T+U6gWWCTme9ljnsL+qO DFZrDRpgCbC3qbAD8mDHjvDStoq2gMlx4vdfkdeOC3l2dGtfRt30XdKXQ1mYumH6 6ajuf0yVKs/g0HJJ97Rd =Jpzz -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability Advisory ID: cisco-sa-20160928-aaados Revision: 1.0 For Public Release: 2016 September 28 16:00 GMT +-- Summary === A vulnerability in the Authentication, Authorization, and Accounting (AAA) service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the vulnerable device to reload. The vulnerability is due to an error log message when a remote SSH connection to the device fails AAA authentication. An attacker could exploit this vulnerability by attempting to authenticate to the targeted device. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados This advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of High. For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJX6vssAAoJEK89gD3EAJB5QhAQAK1qcs2Tofs/jtgm6V8kf6/T KF1o/mYTtsWhv+ktaYNGRWQAwRmeBksGPfkeDuYmj4uhtRiPAUwDknbBVnXd24Yv RYeyS8tULGH/PYUZnWOcxc3dee/+OMBnJjkbY3MMtb2dfwXOOKqIShrKoBvp8ZFc GBbD2vqh86qxPTS9OUgPrR2RcmeqC7GwAV/iCIYJs/lX1E/BjgCbW2YHNBFUwOk4 f7v/fB5eeFjTT/PTgVZXkJJXMgG1P3z8qDZLkwUtvMrdOixz/3d4T3Cfro90mrBV l6TXdTQ+r/rHGRLhqE/m3eTKGK5471WoeiPbS40WBuDQN2h/Li52s9B7oIpTX7eL UeZ7BpjxhRzJqB48mWRnmRh8kiXykgcnCiE5PTEKtuo5HMRmj84Q8vxqNy83ILTK WDCNYf21KaSxnWF2vWqcg11wHyrLvbyV5k4nFaRG+rUukAPTjqolT+IyjrfRA5pY +boX6cergmOnA+ZFIsYU7Km+c1JE0syOdmsmtMeH2EfmRS27DqrhQy8PsPPzY/wQ Wyk6Z8vQfkuAU6qWoD7QfanfQA21bhzmyXSB4+tbBLpuUyG1iLcFWj77FZYdptI1 7Iutbzve8/WulwBbfSCWtWVs0pk/PU0D9bVSSoa5mwtuXUuB/2MNn/nH32Trr1h4 JgDHUl8OoK1XzRBxRuK7 =NlPr -END PGP SIGNATURE-
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 Advisory ID: cisco-sa-20160927-openssl Revision: 1.0 For Public Release 2016 September 27 22:40 UTC (GMT) +- Summary === On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as âCritical Severity,â one as âModerate Severity,â and the other 12 as âLow Severity.â Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as âHigh Severityâ and the other as âModerate Severity.â Of the 16 released vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system Five of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV+r9R689gD3EAJB5AQIs2g//TXbk+qIT/kKxt/MJOUQLkID2tdWZr8Ls 2vcQm5EI8HKr+qSFih3/jyRl5A4LSZsZjQPIo6IxpGKtFLBleBH89l+4rh5D9Hit /hpQGgIXt57yUug6vHqZiU/zh65pifVCOqvu2E7Gy6pd530AqLhRjK5IKND4GFaW M2QPwrM2DYchWBuFIA7/r63HFQneaZqzHfR/wA1hhcvWUkDR9h9DaLbX15vG7CHI J1rAgywVeLOMN7VjDwadvtNfDECnLYeSP91380oL6dB4zyeO18YoHHHYuFTphRSb umz2zdU8Ku6QBXnUvJjAW3QtzvPX3scjXOgeJqHMLK+38tPkoHZvQeGRfGNmKDEQ 0fA1xFQLlRtetjKGC0L74IjdUXklvyTuGbn5P5CP+vBTLaWCcc/rqfY67NfNtIqp SKz+9UtprxAlLN3BKkCSzIiKS3BDokbOEORHCEYEmbYkwUNVp0KEXKgAgNlFO/BS yaL+CDxxiRdbnFixUcG8/xQj584xwOm/cp1u8otySYfSd70oTMqP11VXh+WB+6hT zHhSMOvLzpLeM++m121ojARIXbXTQLGziLHaRSi8WH+OuB6rceic0f0HwLlBCRlk LFxQunW2EawYlJGV5Czld4vdoHBSDGcP8bOg9M4LUtA+sKCGpgrTPombG98mhuut 7i2jUMZa7K8= =KS16 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability Advisory ID: cisco-sa-20160921-csp2100-1 Revision 1.0 Published: 2016 September 21 16:00 GMT +- Summary === A vulnerability in the web-based GUI of the Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient sanitization of user-supplied input. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands. An exploit could allow the attacker to execute arbitrary commands on the host operating system with the privileges of root. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-csp2100-1 -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJX4qcEAAoJEK89gD3EAJB5pnQP/RkhC3wsUC1bPwmPjleqpSck d8GvNrfAw+3GgMkMj0WFoHKvszo2/Cm6Ao1mIz+Rc/D+g2uZOQmmnuxXflc4Trip Vx+jjSwH02j3q55sj8bGDrSezmpHLEshKn85Z2wBYFRqydxkXwUXHiFpLJ7KKv1n 8ASMBScusjxc63KrleLFpUy4vdVtnvVSqlnwVrb36DrPnBQ2r2UpVGtQAvkaUU4h V8wOfi+kR7bTXYPkBV480BKaTWA/W9XJVxlYPYhuo+KY049E5osk68rEeXYWpC1H k41aT3iaLcdz/0m7tm/ycBjci/97bAbwiG4Kl4zOXa429iK5R4/sqgLsh1TyoQ71 OmjxZj6LvR3E3R+lONm8Htv80W8VGWRpeNTr9hPFC+mtHTx1dAl821oJC7xs8Q/W 46isqjdYUohUa+aN/ZJyYJeUfC2DRHE4X6KtPR/fry7sWgFzPWzVKZU4tEjlTDPT 8LfNgXb6pegRyLZmgd73lv0ngGRwZBFVuXqL9kNFPgXf7X3PTihUWcgQ/yFuXgDo wVQmLEYzzxnt7/T2TVgLZ8c5jm70kFjWHWxwumVYliEnfXYWuOKHE2hPXuk9T9W8 RxD2ZBKI/gZtOimzLFdQIqvbqJ1V6gbo5aZDQGWgdLwfdMaIefhAdUfCSCqQwrHe SKPu1igJkamlZfkkl26P =SK2h -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability Advisory ID: cisco-sa-20160831-spa Revision 1.0 For Public Release: 2016 August 31 16:00 GMT +- Summary === A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of malformed HTTP traffic. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. An exploit could allow the attacker to deny service continually by sending crafted HTTP requests to a phone, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-spa -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXxj/MAAoJEK89gD3EAJB5fiQP/iXbjAHIcxAZFq/nuKfScFTR Tukk4gfyLP6SA8LJwHPEKGPeUrc/u5yC/UtqEUGEVGivI3THG+o/cQllS9Gry8Px S4/2YwuLrihii68jEB4FqKrLrv+t8TpsQKTz9D//RiHeQ5GLQ1NIDliRA2y3jh3k yG4txfpOrOjm5flIsL7nEdYt7eGqtJaJt5bfrBv2GFkpD3rGhKcKKYhV9sfisZe7 CVTcePwVvLSGd5ClkRbVJ0xDhMT9fCb9tsi1FUaMZwjL0t5UkWfdUpi3KjHxql7r GZTBCOmcJ2ALMfK+mFTTT0TvlfogZs0vRo6PPKmYh57LDQ/sOZlrwBN4hw+2gOK+ wW9uQZMPixo1k7CL7NKbo/Vetm43x0yHJqWffgv5AGHX1RwLLR4Ccf1/PoQqBsh0 fKHdoXjvvLBubC6mvKvG99s8q63whlAz9OwhrJ/J4r9J/lLajarKyp2nJEa0ox7l Ji8rI+o+EdlBpT8kufhlZjs5ute7l27QOFxsy4YMZnTAgEO3M39fMlW8jnVEBnxI pKfgQJ+g/8jwSx3tHtzZA7OjjOP+F4Dj5TC1qcADrIHrk84ok2xojWqhTJZvO6yt obvtQstJtoVtCyNZxKaMKJzWaVkiB8fEI7aMGk82ioCV+SytMMKbMxdxhDlxq0dU kXBRTHvADTwjYYTunD6x =bB6A -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160831-sps3 Revision 1.0 For Public Release 2016 August 31 16:00 UTC (GMT) +- Summary === A vulnerability in the implementation of Simple Network Management Protocol (SNMP) functionality in Cisco Small Business 220 Series Smart Plus (Sx220) Switches could allow an unauthenticated, remote attacker to gain unauthorized access to SNMP objects on an affected device. The vulnerability is due to the presence of a default SNMP community string that is added during device installation and cannot be deleted. An attacker could exploit this vulnerability by using the default SNMP community string to access SNMP objects on an affected device. A successful exploit could allow the attacker to view and modify SNMP objects on a targeted device. Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-sps3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV8RIrK89gD3EAJB5AQLthg/9H31fSwIZPl77TIHr22TNxJxUro4RCWic mN8tfm4DidmQOL8z9KKtWUH+bTuHJG7jN0JMHrON74IGzJabGaH3cGqCnYpePIrg kgJCSkv9nnjlSGADEpCFg5uQ7dCpSCLbGJDRcQ7fY1Dfbu5WBpdNd2nUJo52+k5F ZEQxlSrdWqu/ki0NYCUamEg0PeUslwmSUr2FxQqD3qqb/Hqbm7cKNj2bkAn9ahna J/bJjKIgwj9/l8S6cQZXydgPucH6rhLRGQJ3LrVyvkUbN8zTC7fYslSjvmOe0t/x bZsgdp6pARZSfdOvoGgnpayPlVSFlS80ourZ5H9Km/mbvDT/4Er+hyPO7so5R0en 5FKUmoTiu3rUrQHdq4lfGO+PZ6QX8f3vWbmRcYPSNFKZEddiNPo3SAXBieLmyD0N ocDEmpNg0KJWspkHLfkYav/ET4U+f0EfEwcDzYvg8GRDC/AKyh5p2aSGBe0m+rvj 91fq4Xoh3LDSc7Fb50k3Ky34ghZ9rbBIAWkQFRrF206cEjukL4BDcBB9bBlf70A2 uvbK8mx+jxEYm6uBmcI1swsAy0B/UwvBhkI1bmn7qoNwjg9uYev1k4+8qD8hsbg/ QJBOWROIB+EccA3/aO7vXeBuP4XrPY8Ud5w05FG4RrWYWikMf/4TP84vXV0lZ14D Wt5Q3gIkvJ4= =Jk1q -END PGP SIGNATURE-
Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability Advisory ID: cisco-sa-20160831-meetings-player Revision 1.0 For Public Release 2016 August 31 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco WebEx Player could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper handling of user-supplied files. An attacker could exploit this vulnerability by persuading a user to open a malicious file using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player -BEGIN PGP SIGNATURE- iQIVAwUBV8blLK89gD3EAJB5AQI1zxAAx6XCth6kJKS7dwSUct2Bg0hBpw3oazvO k3H4mFLRgtAx4wX/bR3xoF3z8Fl2X2hdiZRZoulssR3biRfsGhbNvIhXewkRbzcB DQGA4LLo+XcCu+5mIYhpChTo1ncgBFtku7S0KI7lfTXEAxqQEflt2o5D3LzmTv19 c6R39nnyHQ3guY+7kggEo2TlggSe1SUFBKw2h7k1Rsc422y+d7l4tyLrNbx6tdqm r97LkpvghekSF8HQBB+rW/sc3h4qf3zIEuvVuuzFay+JVFChSObh3l2WHJyU4j8O 7SlqTzpNvb/19D3byKSTLVSEcadCTus1J4iGJCSQv3tN6EdS2Bm8aRNvg4G4BPXw kbtS9IEJDg2wFiGte7gWfpfLBhAhgG9FPNcPHzZRjRxIx/OgkGpiPQCuHarOv7Fg LlXs6GR+cZtn+A9yoohTV4RfXjvfNPUb1+w9jGaRTf5dWtg/XzP3NO7bwftfxAZ2 7nYMvXh95tic1Dm2CKjTCzlgV6kUVyIH2EmUKdvX52GEUcmKhY9A6ZHeCh2gXRcc HKOuyY5mmDau5HCI1AV0TROzvZTZO15Em0EePWmKnwt46Z+lzoh3vZWRe839qoSQ n4stxK0hTEVClEkQwj50GZ0XhZlm69m6xwcUEKNmbkc0Tr2jQuKkwLd8ra4pmMnK bWi/tKyx2Lg= =0pHi -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160817-asa-snmp Revision: 1.0 For Public Release: 2016 August 17 18:45 UTC (GMT) +- Summary === A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp -BEGIN PGP SIGNATURE- iQIVAwUBV7TBS689gD3EAJB5AQJ5Ow/5AUXrlOlk6G7j8/BpEITafFPjo5dN4D0P pZi1h0cyM5rphQpGruP4drG6cA3/uiH57Ax3zByLLf2Wjmyplk0Y4iaRGgPfTSc2 pvF3D8wAim6d1EyQQ/OT/v4pu9Jyy0ZkLP0G7bAoqAPO7KukI4UTYmqquj99ls/l 3FrN7nHRwETZzeAe5qwQ9Ww8I5JDZ5uQtrjQwtwomSQFa8K4I6q386uEWYmxcq6e rvm1NbbTZgX8Vnnz58ylllfK8HS+T/tjRaY/TRUTivHadtGelxauCuMO6Ii5X3PX XON36mZS5aeFY7YNy7HAN2AbG8hVYVnKg3HL9HHwxyNJ9aOLSYsg9AjG81BWetAe mIaUn9YJbKqBgsQVks3tFoZ5gPerMoU5Ezj25hzt1FZVusCW7btwA0ZnMb4HVBtj QjP6DtIdj/TY5k9UdaTztzkr5hof9clRqJfPfiEqXYq+23BLvBpJ70+Y+GihdxDt PwNZkGr6n2oNYyXHXWDnAUx7KH6lSpqYGLrp4mFg+3XBoHn14I1lyWgaVTdB6aqy 3X3i2cigFiX3V2HpvTKXth1w1t06ARzPauhu/lG2lfW6ABkUQ5EArggPIpZkQie2 4CatDaXUvlmyatuFfzE2i9ljGLszyMKU7rCeMysk8aONGENcGASV4wj3IY1xieoh jfrzb7/A86E= =bYcr -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Firepower Management Center Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Firepower Management Center Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160817-fmc Revision 1.0 For Public Release: 2016 August 17 16:00 GMT Summary === +- A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due to insufficient authorization checking. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-fmc -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtGo1AAoJEK89gD3EAJB5v5EQAJ8zglRCRCJGkG3rhOCRX4DX drtIbjxvnY+eDZqwuv8UtWIx/vMbjbn5/U4Ns8igngPQUbjhDLYIf5gFNqOVd3tn VagiZDXE3gWXUXMYrWv/vDlWDqvQUvsQAxKmeC1LzlVolJE3i9xx1UDcpHUhLxs3 fRuiIiom6fJvjM6T8F0zTl/ycvpBRt9yaPM51caq3CmsoiCyM5R0pyucuN/qckBi D4R59eAytNh2ItvdfK4uDQ6oYanfv2+19oX1QuALExgKcKyEC69fM+/3O82hjoj4 0o9W1fj3UzjrB4PS7fiDlxrT5uEq+l/Cxu+i30u4qNMivIAL+FT+36KfOb0+qx5W 0qNJ5pZGIEGOATkKwJznmHCI4D7QKPiAJ5NPvmgHk0BD2vM9xpKKR6a2vWDdFnxr Qg+rwXSLfmHX52AIhc5CaeaGZ9y1Fuc6oqctG7pfqZ78fTCMXDQjhk59NwHXJekb 1JalIiwdSXGE6Ey0tLO+mi3y1oJmGC7z7jL8xa4nTGF5Tzuopzkzv/Ky9pICf370 V1Xs04QQCZvYKZjho5xTroVGJ25COBq2b0dVdBYlndPhsrRdLKWjKboyQyHHcRUi brCk9Rdb7kA5dN4r7tMBQRQ9cJ8mWpGm6cNy3zZAmzNGnCTIKqW2+DtLqq0ZPwZ6 RQ/+6TyyUZy/r4h+FGx6 =Zyh5 -END PGP SIGNATURE-
Cisco Security Advisory:Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160817-apic Revision 1.0 Published: 2016 August 17 16:00 GMT +- Summary === A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient input sanitization during the Grapevine update process. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands into an upgrade parameter. An exploit could allow the attacker to execute arbitrary commands on the affected system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-apic -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtHUBAAoJEK89gD3EAJB5R/gQAJNpnrqzsRS2HQzw6wq/e3wk 9AQHGBahR/l9C9tN5h+lsGVNOQ+o4KQLZpGe9qi6GDyy9WwHfCa95DgQ5fIfrLlk OUzgEpCnJ87PdLY6kBxK/y6doSY7Nwa8ilyegbTnFCurqYUOB6pYSR8+cabq4V5h GSdLBaBQlpJ0w/Ic7Q1fkOk64AgZvs4p6swuyOgvr9+NDBM3cRcaY64xWhSuM6EM Sxh0aqYiG0dvrn1ulWFLh39mL0DWWo1krxbWv1Kag5F2Jtfnhnrur4Vt8ROF8uYj igwrRd0k1cEbKJplzRpEIUMro4j0I1c0SbVtcs6+frovplcXB1mmt8bEPjwrlbZ/ gfLWSArj9E77SDYFSgWcEknNFoyOWZ/tmMJuRuK/JV8072SpLe1nSI3/ZX4qLT2+ reixn7kI91MWLRdOcUf2x4uj8P1cOTipItTw9WUNyIowTN3L5LDARUnCGG7J+/mc vzp4LKHG2nDeG1iA7bZx7wLuehkeRs4WPKtlAs4F7jNm1WRJNyQ+GP9Ik6dfcDbK 1Z8fLTlNzbE3GH4hBbWliZq2/dVUkwPPPI0t1aVhdkKKjqwrASlaWR/XVaf5uEuv rR4VYUXa0cRKi4wcVFLqyLoEnVD0pJGBGB87XGXhQ2lFlBJ9u9Gv57+nCCqP1egJ aBvnymLDgKAGUDyPrULa =S8Uw -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Firepower Management Center Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Firepower Management Center Privilege Escalation Vulnerability Advisory ID: cisco-sa-20160817-firepower Revision 1.0: For Public Release: 2016 August 17 16:00 GMT Summary === A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to elevate the privileges of user accounts configured on the device. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-firepower -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXtHJ/AAoJEK89gD3EAJB5ve4QAK95Ceao/vCkUXcTrU74nbAa /iU1pUxN7VdqXFHDTRth7tyQYTeykn9xKjbw46I3PjLkr6yQ90r2tUvb80No9HiQ +PhTqYsI5xru4bJOvRRasOqYK7AqdJqlE/jx7MRPnY4RYcaAgXdX/+87MfEE2qqD DnypfDFOfkFaOCXqgqpZPGk5lqljJ2lONih8stkEpDpNB/xUxESgtLHoxyurDiqA 9UYVir29xnQSWYVMwJDkx/ejjOGzj875efxsRiYyKSD8bauuBkqjXbc0vUWM4maL 549tnm8B15kkkslyDnrZreRYsQQilcRg7zNQF8HTMPNhOVad7PtTLydCv/ObHvnh k9Qq2304f5iL/oi4xvJkFqcmJ9GojSUkdLZtWvSPEdQKSYvtUWGG1B8nva6v8dTP yjD15d+Sp8J8WyW5sMVRLhdyWLugbWJ/IVgehrOv7POPca91NIByqJR74RU3pU8N HZ5N4dscJouqx9WvBwuKoGags++3HWv9cDzgCaGn7iATu5LKJk6h4hB7I667dIdt ZtfHxuDV8Zwx+xxHSEPvhap/EjnAUeCNna+q6/8VA2cPrdh1SW4tDyVMYakHLZlp jD8qgfaNysYnidJIP855xD6asY+sFFgHYJLUg3FeEmB0utnxOazQDP9x+owNAquj 1ZrlfLwWvg5YcUdn8uOI =TMYb -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160810-iosxr Revision 1.0 For Public Release 2016 August 10 16:00 GMT +- Summary === A vulnerability in the driver processing functions of Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a memory leak on the route processor (RP) of an affected device, which could cause the device to drop all control-plane protocols and lead to a denial of service condition (DoS) on a targeted system. The vulnerability is due to improper handling of crafted, fragmented packets that are directed to an affected device. An attacker could exploit this vulnerability by sending crafted, fragmented packets to an affected device for processing and reassembly. A successful exploit could allow the attacker to cause a memory leak on the RP of the device, which could cause the device to drop all control-plane protocols and eventually lead to a DoS condition on the targeted system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, there are mitigations for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-iosxr -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXq0sPAAoJEK89gD3EAJB5liEP/Rv+55HMKOM4QC32IbekVhxI Nc4STIpJo6t9aKJWCBdR7swlZdl/ofoShSsPQFgfW8Vjm/NoOIqpXPf6O3P0dlY3 tWgA2jyvYyV1rlpxAir398i/pTCF4e/7DhI+67ZNy8QsP4Qr2BR3XMzZSW3bn9ol LJL2FxveLkz2V01QjrM6HgstmpxUGmrbQvd2dxXexOVXZObdvHm+nHeGHGXCS77c Ercxh4uFwrenWe+h9oSr5y+txo8YZzogCfQNQjOuuF+8/4FYr5v40OjulBYNb4sp 7M8JRxmfI4ost/uVbODtyPvp7LBR1AmXt4z/anuq4iWrKSOT5XbiQF83TpCpeR86 IE/hWSCony2cz2Ku9yw0bc38Z28t1PR5zrm/ARU/BWyldJBTn1ww71IU295/FwJt b5Bfxt2HwJgwkRaGQJa0hKt9nfs8sEzi12DtCdHUO1r9VqsXedTNqRLgUPtTrTNA lQ4j5UVGvplzfn2ArrndRkbtDotRssvb0IyQ1YlgVo4u2Wl5WllvUgVOzb5lQIcn DNvcj4WU/SL+09JLsOcwzPqyt7Mf7TqAuz0aK4cONTCcff5jgAC2K++cAk8KpZBl MM3v4bgWMn/3SjyjjwmhF9pA8jxYCcfrWSXuh0MXnf5q+U82G6mpqmTrzegaAHON XAvWYG9thoADLmFBWIwd =hP4Y -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability Advisory ID: cisco-sa-20160804-wedge Revision 1.0 For Public Release 2016 August 4 16:00 GMT +- Summary === A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXoyuaAAoJEK89gD3EAJB5jS0QALlocwEtAhJ6ELVX3IT6HAC5 FKlc3zknV5KswMHqsbDjQsD2GAfEntDoO8Riu78lWSexO99Pu/VfRafKUJKcHEUo wBYQQ33X4sLEgGXMIXUbAxMFCpAxdlIuEzevo8HUj+LiMZWZNN1UJOpsFzBZGx3Q b6XNpGnMup88326DIcTJwUo3DGs7jAPvidlBjS5VPHqE43hvMy7FCqBTMQXdE7E3 6xVR9A8E4BdVPy/WyBjKI5TVOvaB2qoPYaaLmdzvsGaM5LnVw1qPFLwe1xY7dI9m +P+iN5ruvY9GM1WzJL8Yt7ngKmIbr7VC7vQc0kRPe9Mk+ZsuibR4Se12RADvdYfB CTYeDNES93fV1KxdGNFy2+XJSIcK3VYusto4sTRcKLmUfkHd/ahXNjuoGoqkvFYD +wq+1GylK2EUvOThjPEGuBgEG8HaNnp0UaYHqKCcUEzayCthygv0oN2Xiy4cEoJb 002reFlEN8s2puJknuEpcywoWNMOGFWSf2jN2kL4mHo6WIldQJqTOy7DHNLLt9UA aZNXUzhFavF6KXrAMQ3DiTx0nwV9CVaJq9yvyC1iXDA/ySvkHERoODpP7epmhMqW FZTfAxeusPbktEMeAXThVj/SrkwCmzlrvs+pzk8kAa1ycz/7nJkHENiDCLlUk+zR fapmFudsB1x/rUftQUNf =4KvY -END PGP SIGNATURE-
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160803-rv180_2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to execute arbitrary commands with root-level privileges. Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jimq89gD3EAJB5AQJvBg//ctRV2Z10XPE5WaLLYjptaqzxiMxwI9Da j9Sfi67bG7R+1EIWxWKj5zc8LYogBOz9aw2AyjWsr79bGkHgO0rs0l/6Lo9T+ArA TNs4QheScjztFCnWRb+Df/xdzTeAB30A5iS5kyrTTJtDA6E8CmuQhXtJXEPzC8cT p8wyDV4sE8XgHzhrm00DUe8OKQc1zrIpcU5y93AcINwdEf2CXFOllVw1KeDzKQJY 2jM5m1YlTM5Ei8wS4Li/0SmPlaANAZG7i3ElItRHGEO9YGsbt+ZerQsPAd8d+R6c +HV3IF9tZ5Le0KFhdTw68ST8GAOxcdpL2DA3qtErcpMwhZca6bPU8okZZfhqAD63 mZDnaVWhGKHa+iyGK40cL+OgHmvxQLljvyS1hgj3ESPNYl+dh5ljFVw6KY5rZpRI Zmi5Av79NNHQK3WalhBfwxsvTlxy0EwbPjetaSws/v3MxH1Xtq1MXhnH35juT4vz 83RvRMTm/71/AKgZ6LZIxcQMoVi9fjcqi7+dpgUBMomziBB+2aqaAH+8B943Knuw S1Nzhg8Cv184MkkL+RLhSCfzFxfK4usO6v2hz/otJyDB238CZVtKeN+Ym9D5NvwU dHwzjLQCsFqLbJN1ps5/JcSC8vtE2bLmevJepk+T/tHp0+k0tTmNm9FS3WE1YaIY VZ+y3ge4778= =Ywyj -END PGP SIGNATURE-
Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160803-rv180_1 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to access arbitrary files on the system. This vulnerability allows the attacker to perform directory traversal. The vulnerability is due to lack of proper input verification and sanitization of the user input directory path. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to read arbitrary files on the system that should be restricted. Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jida89gD3EAJB5AQJr1w//dQw1ljMBuVukQl7WC1BNN3A70yvaGilD ybcP5yDjJTfeB9jAoSzsM5UPmO1gyY/tF70EL9qyMhIiNxojpOadmypvrarqsA3J tuFosYDYKp67HAo075baCddODpJEmFtZM5WQEgFEL/+RIUakB9Rl9z8VYoTT+Qfx F+IYd3sBo/3fKh2Zk0ygDUZ1pPpTijMM8EpOKJlOJ8gYuiHny6fSngNdQMU1K1+A GtrMm1q2UOHrfa4U1UkH5Id2kVtLXTdaqtNZynp7JsuCdojhSQf1NkY8WRor0vmO LOk9AfgbZJvUGaO5Rym6GmlQDRAGy2AKUl2yhqGG6tS8JuHe20A8iVS9aCpwF+Hs YIFjzuKxitgFKGHllPBvv2Ue/v4/7sXP0EVhLNNqhdNIZj0PveEX4hnnfqAhe5YZ 6hWkxO7Qxmko8zujvgISpAUzL5TnJ1ACYg+mqZTt1tzz4LD3u/O0IHDvI9P37RYy 068EJrsG0swa9PCMxCBSdPc5GpeC8OZrDWYCh5LKy36hjv1qnshlHoYnHtyOcZul XKF88ASHF9kk7t9tYJBSdIM8tk17UKjk8nrKvz6dQd1cIJhcXqwJeN9X0GYBQ5d2 3gN4nhSLyKswG4nkahiSAzUUrLWadfUvqROVwJz4jHzDk5RDIEwAMHcMkDugq3ES MgxdW6yTuMY= =+uW1 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability Advisory ID: cisco-sa-20160803-rv110_130w2 Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in the default account when used with a specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to gain root access to the device. The account could incorrectly be granted root privileges at authentication time. The vulnerability is due to improper role-based access control (RBAC) of the default account. The default account should never be allowed root privileges and should, in all cases, be read-only. An attacker could exploit this vulnerability by logging into the targeted device using the default account. An exploit could allow the attacker to authenticate to the device using the default account and be assigned root privileges. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5jiYa89gD3EAJB5AQJS3RAAoF/cx4RCUPQRg88+uAwjZC0F+tCfQHXF WvSQo0EZu704fkQsKE7yELdsU8OnAr/HX503ya8bTHTGJaMQkrg6FBw2aS6zDSz6 gaiZLeN9n6krwOPDxIAz0phRNj93WoFUxkA1oOh4Qtp8H9W0cLr7Ggx4jbhBrcrC Dm6/g/VQREEdMrAiVPO0PKUIEgx8RPY65q2Os5uahRE/3x9uCNJ8FAYVCgTx+1jc iP+Y1GlYbPH9gmcsEF8cRb/XTM2t08aY4yv7IxRzBK8N2ZnUQBBZDkvJh3ghIycg efEkhwKdkX3MKig0HsdB6yooFThgOyJLJXOCDIird0t94gulGOxvmGQanF354r58 Dpb1vJfO4yU1N1Ld48RDKwelxV3ArX6WUM24s4ydehpGWHD3qREIbL3T7lQQoy2F ZZm/ichpQCkfd95wy2NOxGV1cz/gPqlP9LT+00gZP2omk5QdhKA1Xkd9umy/xJhm YstBja7gYpAA5k3EXjOgIlcq1YPH0PqvqSV55CwxMCzg4mHzkaGbjp2nL6nZ0+gk NGW7uKcSptqPAA5Y7CAv0h2nG5c1GXRHwZaAmoXXSxIYS5dvIx0SxdmI3QayOIlS za2HUbv0C1xYwqleJ4euny2RQsX0/C2wv2SLG0q5oJXhh1M8IaS94BMXfad/rgIu S82N2vOSPfs= =Ws+u -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160803-ucm Revision 1.0 For Public Release 2016 August 3 16:00 UTC (GMT) +- Summary === A vulnerability in Session Initiation Protocol (SIP) processing functions of the Cisco Unified Communications Manager Instant Messaging (IM) and Presence Service could allow an unauthenticated, remote attacker to cause the Cisco SIP Proxy Daemon (sipd) process to restart unexpectedly, resulting in a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of SIP packet headers. An attacker could exploit this vulnerability by sending a crafted SIP packet to a targeted system. A successful exploit could allow the attacker to cause the sipd process to restart unexpectedly, resulting in a DoS condition on the system. If the sipd process restarts repeatedly, a successful exploit could also result in a sustained DoS condition and cause high disk utilization due to a large number of sipd core files being written to disk, which could exacerbate the DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-ucm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV5ukEq89gD3EAJB5AQJ4pw/7Bmj9j3Kh0xFsHWEPZqhtu/k0jDL10nxS vnuPH+QVppva9iU1P8aMNwkLH8dLcXR0/F2mJtY89Z57C13daxO9wBixrvoDy5Bp /WEwGJosZ+F7GSlrPhneV4U6oT2UZMMJBRgYQKIe/tZRwnDjfkhvhdtJs/PqujDz Al+jT8lsCc0ibb3amdG/GxEx2znJM4mUKFuXFSBjTLbZ+9AJyOGizl0K14oSLlY7 Kqhw4BNtr08cHQSxfhQ5pyr3sDb9yQjxKUKscYmdo6pCzYWN3dvA+FRiCO32Mv1s tZOm73rEFzr+4g+SL1ohaL2D8m/UhwC6S6Xy4BvLYgGsXBmP5KID3O5thoIh8CDx KVnQMnh+Dqe8JisvCUgGyAq0o67YwSSqC1xYuskhGB2OKFidfp5XoZlLjgLs0W5t 52diKjExpaU6JwvkuRBg6VP13xLDIfcJa5ejpEQKJCR2O6azpcIW1F+frj/s9uPw VucODGFsNuMpZSc2b9QPP7rA8gXW/oK1OoK9Lr2+ODeWATzO/W9gnAe8feEciv3F LK9iE6/DpZcvPYAhUqslmksP9Fd362HSKEBVeRm4Ayrzc0JgO4P7nC9zQ6PI/WAV hytJGPaPNlumo3m8wT8TwdH13zsOVWwNJVMkhwSqsxzFepcNSifmKx88CLcl8oWv u1noYCPNA7I= =IwC/ -END PGP SIGNATURE-
Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products Advisory ID: cisco-sa-20160721-asn1c Revision: 1.0 For Public Release: 2016 July 21 19:00 GMT +- Summary === A vulnerability in the ASN1C compiler by Objective Systems affects Cisco ASR 5000 devices running StarOS and Cisco Virtualized Packet Core (VPC) systems. The vulnerability could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. The vulnerability is due to unsafe code generation by the ASN1C compiler when creating ASN.1 translation functions that are subsequently included within affected Cisco products. An attacker could exploit this vulnerability by submitting a malicious Abstract Syntax Notation One (ASN.1) encoded message designed to trigger the issue to an affected function. US-CERT has released Vulnerability Note VU#790839 to document the issue. Cisco will release software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160721-asn1c -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJXkR+jAAoJEK89gD3EAJB5pDMQAOb/g5NPySkVBdpzDwjBFI58 u3tDBTRzvAVjleEW93WjHrEDtsq3exaUv9L2hdbwZrMvFFVqB1IVshfO9BMLDg7d An4jxh7uMRsGH7IGI95s032/8zD0RPqUeZ/eqh5kqV9r43N6UCSWIEsnXGGMnbZP KULIIzJYclG3f9q79wQ/kdTBc2KGHcTAAIaQogczXhUGEdFl7je/zQUrG91FB90O I5E8DvDe8UJYOWdGHQ64Er/LL+lfhmEyvBqKcWHo1eSYGLGn/5yVQPMFoMpwEcAi 9PeM1nCWEjc0kw/IyKTK3k54PbBwGjtwSTK659F6DsX6zqFcXPorcLtVQv+AyQ5o 6JeuQiBx6ab+qdrpruKB4AWXvvI1uE0TtYtH+pv8xyH30Z5r/aeb/Rum8zgehc/j 3G8Gr58gghMt34Hxt+nfropRiGRMl+8Saj8rpfdsLWgIO711vB3RCz7sOEggAvzp Th7KCga9G7uZNnmWy/NYm5MGk+h+bj1Nue5p8ZgPMqVwkRC9yQt5gzHWMlKSni6m HVyh41wicmoTrd44dOWr5pDXKvbQ7P/Me3ZcJxwZr/A57qHOdPNc0lwtzniIb1O8 rbAqG7gOWe9M78A8A8Bo3PV2e0XdeaCz4L8lzmR3Nnq8j5LORZjB6qKhR7oBtTpU 1s0pX/1fYtuQFO0uK5ah =S9PG -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability Advisory ID: cisco-sa-20160720-ucsperf Revision 1.0 For Public Release 2016 July 20 16:00 GMT (UTC) +- Summary === A vulnerability in the web framework of Cisco Unified Computing System (UCS) Performance Manager could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to insufficient input validation performed on parameters that are passed via an HTTP GET request. An attacker could exploit this vulnerability by sending crafted HTTP GET requests to an affected system. An exploit could allow the attacker to execute arbitrary commands with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160720-ucsperf -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXj4blAAoJEK89gD3EAJB5fxUP/3IUSqmwPNOO0uzEISZsClbP eV1sWplfvIR0+D/ZehXwg5I5Bjla77t0YUmqa2OlqmmGUA6etCsz1CAJhYI99jhV dBTVjzIJ7/gaEqZq9SpiYwcqTe/5mU8vhJwt8T/x0GfS7qvPMAPxGmiS8NijZN1m O2aUYZOi3tjxwrYM72NtdjKMcxVJ4HhvwPA8QcUV+b+B8MgMwDp9i7zaJHldLJAB dAOUoIMmqSrsTjp5QX+oBv77XMoL6489hPNF0Kdt2ysIlcJDMQFn9Mv2PM76rolT d/v91W3FWA43X5BnZISHxh+YKLSxli4sHXKR2H3nDhrhZml9e9FwyvQBmKGAStb+ IUJPfFkkFt/y/QHQiPx98MoW1bwaq7jarpihGearGcm6IKWw7op+c1xPVaKI6j/W 3zLObIbqHItCCE+62Qb6PLYTzaX/EyKtwpOsEiHZmPMsVyEFGsb57HyS4cS3Orm4 nlzxZRkv6VGfEx6uWr2VasD2pXUBEMY3fv9QJ/1fGcZokdaw0F+NwT89JhYd5nRE nAwxCi2E9lVpI+pZOYlWwjkKCdLn5Tl0Xefqxz9q5u/URcWKPSLwOkQ7ZY3ajM9x LBMhU3ub+H/rms6sykXRERawO/pCnwzDEh4LvoRocd3bM9s3pLKiV3KWJAQxIQE3 y0TbOx9qKJpsZO3Kwywy =dBY7 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability Advisory ID: cisco-sa-20160713-ncs6k Revision 1.0 For Public Release 2016 July 13 16:00 UTC (GMT) +- Summary === A vulnerability in the management of system timer resources in Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) Series Routers could allow an unauthenticated, remote attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the Route Processor (RP) on the affected platform. The vulnerability is due to improper management of system timer resources. An attacker could exploit this vulnerability by sending a number of Secure Shell (SSH), Secure Copy Protocol (SCP), and Secure FTP (SFTP) management connections to an affected device. An exploit could allow the attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the RP on the affected platform. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV4ZMB689gD3EAJB5AQLaIxAAueOBvhPrQxwX5VNKSB3CHnMH/BoXY4pH +EHT7C1kGY/0tJAiA2JlnsVpUwxNmu5guCT3H+kaqF6VXoSZYEVBRNb1yt8wvfo0 1+PKPeNIUrrOaCu16++U3c+bUuDst1DBeAi+xYjkfsTR23haiQblstb49JgolaQH FQiufDqU3roXzIua76lOtLmd/Nq4vrcafVprFKEl2UWT1eizu57JnKh8nTAHoxC3 xdkfXXfuilvDhppHShYACiEG4sPGfDEV+ExS5Nt96Vs6wCGNXJ6+9cVq3peZPCWT VgzIVDHmvntBXCR4q/xvCDuw0D+AcYeDhuG+qmgmZWMf0AJNQfJiiVf56CRL62zT ePtX6JLXb1eogikdcitxq5Y+vbMmYwlF0+H+/ISTG85IkprZc/XYiYIa8RRn5hmK 5UfQw+St/DMtGBrKjGL+HOOa7lk9JrHbKqvoOikjZpMD/KdnEMv7tPJTC3RWXhAh 7Vi/mUTVBjyWDC+JE5O0E2GSpS6X+bwCji16TlNpFoBmMvqYn7I6O5SSWMTUanQ+ oQ9qL3iF3imVkEGMB/TfbLQWFsIQt2h+7c6sToh1tpso3A7JpHLtou5pAtxy7xSt 1VKXDcNBBJ2GJ/SimLfbMKDfPGqph2d49RCyEQRBxp8bFw4vNRCxDFn24e/vVDW0 AnbSOWb7rRs= =8GIQ -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability Advisory ID: cisco-sa-20160629-piauthbypass Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in the application programming interface (API) of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to access and control the API resources. The vulnerability is due to improper input validation of HTTP requests for unauthenticated URIs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected URIs. Successful exploitation of this vulnerability could allow the attacker to upload malicious code to the application server or read unauthorized management data, such as credentials of devices managed by Cisco Prime Infrastructure or EPNM. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-piauthbypass -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qsA689gD3EAJB5AQLphxAArGXxMxb0qLM5w73zZSZS5iuqQffoaoRC ZPmuUgErAnyO+OlLsco5qfFxEwCWrBQMQEZZie6LlqlArU+Q5H73aKC4orYnu2o0 avEwR1YkFGcLNbZKp/Bvtzhy7Etd3bR/OnSFkfsg/2Qgkx77zQke5vXwjNtuaMtX RtXYDh65TvpkegxD2Kb4tMZWLKxsH2tV8oBuuDT+m0h7PwSo4n+Ot2u0IbW1dDjn AXk/8j4qUzA9iC+nFtTY/ulkWZIX1RHnjk/z+070tSvlsbPhcjJiPZT866+RUAms lQYoINSo045owXFtQv3CiOge8k5bdxaFsnP944Jg8I+huDvmHXg5uPpIEG7cOKQ1 ZM6n+yw3aQkqDgPRNiAiMwnOrVPFvXIwDFQxe5Otij6WY5Npd1FogBfW/1n/akey IVoEQ4Xz3cR72yrv0Xu5nt2C9GX1uByID82Eq1XF9VeI74yFpNupjzCgPwkxyhsM +M1gj+9teD42wUtEV92mAtmRiEBeVBKUnnYcDpOYOr5CbSretlyQm++0FbJS2Xrb 22TWTkWWMlOd7L+msb0sOOdlVC5h01aKnfyNfVsBcRhKVcfsfxljomR6V8GZWdW2 DTR1A4f5+rcuJBBlnNxE0tm1Wbvsed7N/0M92aELK13oLmz9lOw5aUZ/X3bhP/ko iZ6ZrVNwhyQ= =F9QW -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability Advisory ID: cisco-sa-20160629-cpcpauthbypass Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in the Lightweight Directory Access Protocol (LDAP) authentication for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to an improper implementation of LDAP authentication. An attacker could exploit this vulnerability by logging into a targeted device that is configured for LDAP authentication. Successful exploitation of this vulnerability could grant the attacker full administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-cpcpauthbypass -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qr3q89gD3EAJB5AQLLnw//ZD85xqIpSmQranwPfYQDeoM2uD6+TNby Vl+47uZOC+csQ0PB9d/z6zylu/426OyJSSUje2c44lSXDJ8iHy9dBNY0ozyk4Uzj oTOlr1h8YEDkjxZZ66yqm0GoTVo341tbAaDJb8xWHYjb6STnAP3r8hHu0jleH26j vn/NQ3xPTQ7FPaB6gDoKn6Kb2Y8rDjUs+Hps7S9REtplxLR9zkERS0lWQHoz0bSd eBTmNg5OAQxVwH6jFc4wnUnHHaPk7iALBXVo8mrkU3+6CAfejUbhJpSVxYceZQZx hl7NFgr9NSj4aT1nnnNGjGPHY4pPvrvyc55hQIrIPtk+teEzWL0br5VxPB3LVmKS framl2fXHOd7uV1rHcgfWlI0LYBldC1C5JhSlE9hxh3BfpejMauev2rGiWVDCTyr RIC7zJDqBAc3F7XjbjVebrKjdb761SPmYbdCDHyVBuR8mePyzbEvHkfkvSGi0XbD egVto6K1njcXU1uXLyKxGnPDH2pUZCTT+Hg7wF3U3zf0gvpO9Ifk+uhELoz6FAFJ SXGVS245KjwhJmBwh02gsjbX/Fy+DLUnmVAsdL5hCMBZmzv5Cs0fGqefBTgHahft 5ZVRP3cfwSKSFfLTRTO6GF2ZlUk4kwFwqP1HpVjB2Y4N/63OllST/lIlJPhsZHH0 BNnEWyb0RME= =hP8c -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Firepower System Software Static Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Firepower System Software Static Credential Vulnerability Advisory ID: cisco-sa-20160629-fp Revision 1.0 For Public Release 2016 June 29 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to log in to the device with a default account. This account does not have full administrator privileges. The vulnerability is due to a user account that has a default and static password. This account is created during installation. An attacker could exploit this vulnerability by connecting either locally or remotely to the affected system. A successful exploit could allow the attacker to log in to the device using the default account. The default account allows the execution of a subset of command-line interface (CLI) commands that would allow the attacker to partially compromise the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160629-fp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV2qryK89gD3EAJB5AQKaGA/8DW1mxGdQH0HZL0ih543qDib/oN0wkZU1 3A7arS4mHYApenC7J5WsHULQqNdBf22N3pagOTeGlBlhnXejFxA/fcPqHZCP4FZu eykxwCLfZFjPmsxytwM/pG/7xsr6lAaehb7xbPPD7Z1LpWEYUYpqaQRPh+ZfFZ6u s7FtquqCDyV6Vpi3Hu47A4m7XkytTTLkPNuzMRsR7qzDQ2OiTgJiEDmdePr6iVPt yWQHFy8klt2UfzHJ8f0xHDFiihfeRP9Tyyp6knIgc4QaFbYl8KVUJi7z4Ji1tlXW Vqk8MDlxU3JA1dxesKXzt5U66E4k8rUJBI2UPSZFTA1+4LxUPIlxN0PrxXSCuBp/ HRGFGA/Ti5q/pSZtqSq+5KM1mCyYJ84b0m3wkDzvCxR5IbS7FjRTMCtGFLtZE6fa p15WuBp8DEqF6/vHZM3UBjR2Ls1/aHTYGpb11Ksz45IQQb8DJyNn9NykDsaIeg7k 2W0QtXsxWkoQV8CxEKmFk6Eipv0zxElnnzu781bhH3TMST7cWmFsdNfZNFpfI3L8 nNncQ9k5yRMO54V1Ikuxd9JlbMywb5HGLns7XxsuaSN0vjhz+OPY1QhhWp/JkBSe s1NSXOHiHTVB1+D9AxZ2huCiRVKWlKr08tLPp01HdzeCut9hMn5w41cuvHreRD4I g2taAqbF01Y= =z3md -END PGP SIGNATURE-
Cisco Security Advisory: Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco RV110W, RV130W, and RV215W Routers Arbitrary Code Execution Vulnerability Advisory ID: cisco-sa-20160615-rv Revision 1.0 For Public Release 2016 June 15 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code as root on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request with custom user data. An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be leveraged to conduct further attacks. Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV1iuka89gD3EAJB5AQJHig/6A8c0ghf49Ku0Z3nkuRKv0V1jrahBY6uX RemK4SgHfPqUjeSaM9ci2RuCqFe1BeDOK9GBM3P6Mw0Tq5SpMndGD46P4Ha0hgL/ WuJsiwaPkOFKFS47pIKdX0k97RX9AWlHjYoB9XIXb19M+449rHi0Cz90b3Wk1w60 rXYtVtbqdiL5WVn/HmYA95EzwZ4HozVZvDIAzKkUy+mjOkTSHR38gpLSoCibB+3l I6U2Txc2crjnaUxupTRs9IG+hcDvNCaLb8C/ojSrXpQQGV3Q9XEXE9x/EZMLFl9x aQkJRiKT8aGAZfqqvP9JxuECXSTm2koYR2sgaI0yJWmpp068j0dA6zdc/zn/nM7N Rx27U1yWFH0qbFn8q65BbS/IOw+u1aV/LtmieWxuySHW0/BlVPEJyFXRZaS+rSfF Ted/NRe9e4XGd6Bn98S9+8vXXrvcaWcrxrl3aLy+lDstbl07EOC+eLd+YvzRrxbj s3uKiliQpryCkSC49SaY0zmj11KMpB0psLeUKPhJWzpa7LJpSRZtTbDyCjMrtspw mwobTZB+V8cVayhrPwGIyUN0ImfGg3DH1vlNoaUoXD8Wcj0T9dhWBkwx0dH/Oxol pSsR95Pi3p2e5xS47+7b1l1ViR0eTBTeCT+4bHMfPoDcp8msEJ/sSxpwZgiPAdjv 53TxLvrILWg= =2XbL -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability Advisory ID: cisco-sa-20160601-prime3 Revision 1.0 For Public Release 2016 June 1 16:00 UTC (GMT) +- Summary === A vulnerability in the IPv6 packet decode function of the Cisco Network Analysis Module (NAM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0WyjK89gD3EAJB5AQIJbRAAmARSbMN/HbRdFCfkBTHNt5GgfMHbGRlv 3tY+2UpNk76RO+3qT5Dia5i1dSw6xFViREIFJR5/8fgSaBQMAUqU/Ub0Yoka1AzV OKA3qHt9tdmkSJ3l7evW+Os4bQTpf/DSlNJoIwWRcvdgMHudUZ9ELzp9WwIczI9T AQwwJBfPyyZLDzfDC6e0Lxx2ca4ITumOFBbG7QW9NNLki5xD51nTA4VscMfzLNJd ETuAVELyEl5cOUG3Fnq7a9Aok105UlGSgf5w/cGrXo/ycSfvDYaZ7WBPBAFuXQht bUVvfzNmHjiBcTK8rv27fc+mRsU18vTkHyIopXc1sUayrYVhUkSGVIbqN6gICDRt 0CDlT8bSVQybPElmpoR57U2d+YatLjWggmUzS1EFCFfezLOGzYftSFB/D9YiYXZ6 7FR+2feIBnitEThvcEHXt5X7EPEOwUJtTNLN9psE+hMpDcThw5PzJ8dhRPrF7EBW Q26GRafNxcw/mm4wDIHcWfABWVbGKCSqcNcGIVwLtk40wb7mwlpfOVckSwctN/u4 jGeR4gmWcgdYDGWATyWDhVatq2c/x9ou2PkBanPbXb90Pshr7EVPbV4t/ovBKlix ORjuu2/szqwJLRb5M8RiZVfgrA+79q7BGgxWQQK3Wi14FxzrNvQlQFq5GYNQjy9Z FqHgZHEGhC4= =vGKU -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160601-prime Version 1.0: Final For public release: 2016 June 1 16:00 GMT +- Summary === A vulnerability in the web interface of Cisco Network Analysis Modules could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of the affected device with the privileges of the web server. The vulnerability is due to a failure to properly sanitize user input prior to executing an external command derived from the input. An attacker could exploit the vulnerability by submitting a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands or code on the underlying operating system with the reduced privileges of the web server. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJXTv2/AAoJEK89gD3EAJB5KcUQAOYjQr36VNsida74k/896SeU vHNiyFs++KcgBy+5OQpw0/GFtKYnQkYp5f04F2Fl0BCqwTn4dunh2Lch/yLh2Iib 5514iab/1fNZXWEpkgfOwbzQhMlJklc0U23P/mtTcSRtaZv/d8oZXebN+byJ5Yz6 lEoCvD7CRlcPszaCu6fuOUqA6Io9gB33bYeU6NDfvVD1sOPe/xGz0To8bDJm2YU1 SSCWB9L9v5c6ikWqdmmMJJlmr+ZORmyguv2cSzArWdhUv2zjCc4nsL+FJam215Bj CqxQXelURXVRPEWzeaXZGhvvih8FG/JGQyNfxWp+5BTZTniQbp7Yc7Iu4IHBFT/d bmdde+p9QeyD+/oh947/kJlzmgdm0qZmYF/Xrte8j5YucGn4Dr4kh1lvr9/KEuPX 0fy9mEQjfNW9HKwKL/TlIUZS45GX7fLZsf7HKkBTeSbQCSZ0u03EwUU/+WdMFaf9 dmnVmf9F4IuZMoMhuyShx2SYPyoVRgTr9eRt7zEtLrFFfRNlhTZAFuLvtWTHGCE5 t85xZkZE/iKIRdR3cm+Rhk/nrLVYacd772IncAW6LirjY+uOykVWqbGM7NJ8YYBh Xca726QhI1lue9eHaNier5o0Xsj40+sMrAPlK7Cc/b8hKWuV6xODcor0sEPVoazx wk31KMiNQJpR4vnym04g =msWt -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Connection Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa4 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0k689gD3EAJB5AQIFTw//SVvwy5A6X4SY/r95dKR7bw6PhsZWlAyI WkDUis7GTqaGtVQWBDJi4Dv2gzI53/i3y97fXlwqvxv+B/nj6L2AhJjH6j5wWtca cplmOdDLSYupLp6jO+sQV4HXRMoDLCbLNkXsqSRjPsVPg+5U6DFVDzz2X+B7f1Rs v6yw7hPpuujq71ZbnqhxNBX4Xl8h6BDzmGOtQq4V76Bjv48lN4ItI0wwpZ9ZShLn 3wky7iAhLZKwOazdYGNE13eyVCBhKHbIHZ3pgG8jkpBHizR/xCwp8K2D94JxTx3u Gu+9GbFh4y3RQguA6QOCeI2aSThcKC3Ial7+bgnVX3+K9Kqwi3G+/fmjN8dXMxke Y1FyRs/V9JT8dbVPqPhvE5cghlF3+9XIUiXMDVgkUvG69ZrmvlgPVIMCN55vHzfD siaoBjyk4FOOzINzIypmnZAkZoyRoTghNQRG4Mc7rzy2dpKN+WYhFEY391i6aU5j ZeYem0LS+BpFpUv1XrqEsQc6ND46Djsy6tCE30WY1u87QDXG99D9O76q16neM0Kc qHv/wSZNS3I5hAdLq+JB6OJh31X5ZuiUlFdZumYw3u4fb/ehkjQ98ek2G9YDKMVO nXMc0Aq8cWidUjP/RWnLFwvSX8TyfP3wuZAPeGk50mz1VhnBE1VzuYUXJKp1fXyc QHExA8KC4xI= =4sxz -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa3 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does not properly allocate space for the HTTP header and any expected HTTP payload. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition when the proxy process unexpectedly reloads, which can cause traffic to be dropped. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0bK89gD3EAJB5AQJ3NRAA3fZtmhQZ1CLM9wpu08Oe1/xETVXNB7Es YPIeZk/7rNcZe0RjrvXxQoJcZrNkq6hnExNwRaGeiKSulCAmXHU46v2gB2mbhYdx FB7AYVXOHDKHZyEhCeZXRvq3sbIZu4A/AVPLZSADl3v35Jdwwo8G/pDt7lTQma6o +qvLYXhToSTZuJM2IOxY63TSwSD8rVueZYvcPOAbD5w529tHwhIhmJ/OM6mqdJks FcQ+p3qBhuJpv/UB3ffWrlVXCQgukW5al/6tYHUFNYETp/b7PqixWz/Xs5Ob7GRg Pa8JE6ggkdwUn0Z5LNbHpU46wZyUMaQMLGTMwVlpiBlz5dxbq41Llo/vu9//ozNu eFohMTKSR/l48u34gzeca6ffIkOmLv++nsM4xAnvJSnF4ooTOLoyqqEjghxIRAkR BRrvLiy6SWKTuimpP0fhwGgGio7gDFP+nwdbgqXvx6JrEFCuc2rmHILLGH9CHWzH /sKzWekfJOXRN+w/m2aIRqJ0tj//2MLOYldxtX4G61MdhKgnGk/f9DyEuUP65+iu Kru4HMw8V+/OX5t+X0E02LfpKgMmOFKf3ZF00FvTLTOsi92ybBqw+OtuI+zY/x58 H9CZOTgqtreHpSiq2ItkUHOLIG5/d7oObop/Yk6ZvsYBsApXQfr+IU4WfdMaRstp CcNZWjXOX10= =Jy8r -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa2 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability in the cached file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance due to the appliance running out of system memory. The vulnerability is due to a failure to free memory when a file range for cached content is requested through the WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the affected device. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0Oa89gD3EAJB5AQJsexAAyH61to/tiXUbPHahnr2DdLqJPCkMKyZx 7t6DJRtvD1yBbOPNm+EaySBI7dAIZ9Gtt6kWueARIo9Kyu46Y4TfLpI9Kh8XEGcd 6kB+WO6Ps2FYktDPk0onhr4L8KAMqP05l02Cls7WCkxbc6feOD6GnlWLeIQDFgxB gaOph4ng1mbmniqBf7bIdsjM1wzx0T58QeNmkCBl3PqPX30GATCVlKwvh2wTqqAR 7PGH+vy47ueTXQgaoFF8NJR/25WhCSnRxBFgotGx+BKPWlE5tAxCC+AQ516md6nn ox+3UJ0tVDwBV/0gpMLoMN/oqC7VQATjEFiq/vaJDIXipqFw7BJu/qvFfP0gzWRz MB1S/kAPBbGI8TbV7ago5DM/w0kvtqFlOwYntQhcL3xu6FHq6Wf71HB1R2vqBBkh qrmPwZ6F3EJmbjwK0GNDzpqIHtTp6yeLGtyXsokbhmh68sCej4JemOgPGXM1aLCP pFJbaMsHEge3Co9h3TPoq7eXl1JFGOwxb47++/K6oFLvPNUp8f5SqsVtLPGhsGMz VGhM6XaioppOGjOAGKloyrYfJTMoKcB7OHjnA0bx9MUavN8+epa1s+CH8ViD0iTN STuvrv8vF+YsIOuD1oCgLLegPZqjNhZPj/ZD9oyvjim34bgoSynAUcY1CiVNyp8/ zsX1HnOZJbo= =XrBA -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability Advisory ID: cisco-sa-20160518-wsa1 Revision 1.0 For Public Release 2016 May 18 16:00 UTC (GMT) +- Summary === A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process becoming unresponsive. The vulnerability is due to a lack of proper input validation of the packets that make up the HTTP POST request. An attacker could exploit this vulnerability by sending a crafted HTTP POST request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process becoming unresponsive and the WSA reloading. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVzI0Ga89gD3EAJB5AQJGlg/+ObkX2XT38zQEebob3urvYki7B6X+ymcR XVObHxksGUQNOsHPmLlj/efiSeBRlr8tD8ZwH5MEm6A2E8R24tnxJJw7A4LxZMm+ TxWSm/eXu7hFQufWnsKcC/zV8G7pFyrDi/9k9//Gqj1RENh5EQQECBqfWs/cCRZM lNKpwY33V/mar6Qopf+YBuhkUY0vgd0Jz189S2EK5RQndwERvUrMTZHicErsupeb 5hFHP//pjDiu1JusGrU3Vvx+gIlKVCd13Aq1ancqE4EKLlBk7KIgZMnD6dfaEOAt YYCDBHVTkSmPYltEZ6d4YU7+DmT2fkbK8r3aybeuxRZJ0EWwIq5ssOkzZSgN18tr itAnftJwGVrOEmaAtxcba7Ok5+Y5B4+031cwRfxruML8ZoEX36KaZy3HDzwGY0su fuIRp6yucSVohTHgkU+KX3DXlzD/HpviaDdFwMscwyvtKo+vzJZVWkxaQI190B+y GwwDcIV1EzM58NeXzPtuiR8e2+hUAZ6F1D6Np1lVrVa2VyRcBdQ0BbMr6xuzruWN Y4j73bK/g7yBO3wXbFYw7vW7pm71jCi6oq1fI0M45XKJPGdAzIVhroCLepNAfvf8 F8pzscWL+8XqDD9NqjUl42jM1sxVCpYGLyVTeGuNdUSGtoKwqsy7X4MdWDcSZ7Wa rmhFNyj9Vm8= =kAil -END PGP SIGNATURE-
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 Advisory ID: cisco-sa-20160504-openssl Revision 1.0 For Public Release 2016 May 04 19:30 GMT (UTC) +- Summary === On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Out of the six vulnerabilities disclosed, four of them may cause a memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. This advisory will be updated as additional information becomes available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXKlTFAAoJEK89gD3EAJB5gbgP/i8P9n6GNTj8WmRkfx9Iu54o LTNnlJ1gaOTxl4CWeeBAXre6LIJ0l2oMarScMchbI5uje7oxdR7r1jq1a+Fd3Xa9 r4YWfoWzfkO/77ULtxr2vHzvLCDHxpU2Q92heDCMU0ZdSvTguTQ65vxPeVuNpqnp mI9IKs86Sm9WlY1fm1goAkIr8ES4+vC2MMPXc2xt77Zq8QnLXVgRxapgXBdmQuOS ihwiTPNtnU8Is+X9wvZoalBPqYBoZr6nYTzTTmEr6RkhMugq5klHxUs1CMEdkDlJ 7m3eVle45BJMJCR3DXY9Hu+zzWHh55K6XVFBYL03TfaVPx1P7IxJdhZJXFYe6wP6 ySY+uYfIfuVH3KLyL/xBy1v3rotIKJtpp4/RSYRVk99zQvs7Up1dHfNkcEHNPOH2 YzSoIW+h/ykSDowLHLgx0NnHEHSOViTKySzZBsRsXXRNumHv6rXl3kfvT2ZHbAin d6SZ4ONMxNZmeF+0etG0HWPLA1bO8FXsv6Qi9AKrm4ldIWE4mKw+a5PNPFkmL9z+ Pkj5nmaye2y21hWf8AZV1ThUvYp/xZO9vEsked8r4qrHznUwWZsqPv1raPGTAIBp G50FxE1Z6Fxr4CuxH5nHpyzhF+ZANl/JeCOzQc9j8VzqW3nD5PzqLZQL9KGYUNq0 OfdMkykaRaf0jwlAvCTF =xju6 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability Advisory ID: cisco-sa-20160504-fpkern Revision 1.0 For Public Release 2016 May 4 16:00 UTC (GMT) +- Summary === A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVyAbtK89gD3EAJB5AQLENxAAprdyZgAuwqP+PyQ3PJuE6iLgyDDFTNpi yZ0UfoCjJ1BmSFkc/dbdhMtPgAuKiMJhIlgsH1N+Aq3rxxoPlvh33woruEJeqjus J/YqK/HRT+3oOzJTk9JklUqs6AYNgawjVofttsl3ITeshh8uOzPgIOxAUYSJOAy7 Ax6bwYDFNxP6+HuXT6QKU811WsPJ3BT3VebPw44E4drPoWkSHqp7j/Ga8ZFPGNWn Cx9rz8PebImTRjKfgan9f50n1fEIElow1DedMFv5uthsf0iCU9etDbOXBL/Plmk8 gbbqJJVQkPUdFiMHbF1YipX3uzmPLKj9APOSezSYiV1pksTRBg4Pg/Ytgrgao8Dk d/ipqv8I2XW0dnNdXwImVQ6MbZ9z68OmCR+xEbui6DEBTnD5SQQYO8fHKEJpUhCO WdVd5diOhdMvxOzq3kWPwlZ8wkYlukGT9UTYRv2nsK3n8zqR0/NdYIKiYtnO4wI4 67/8Wx/Yw9ckZ79VOaMpbkulrnDQ+DOPqc1r5bia28w4jY1aq8MdyQsT1xbIiePl euEtQXvqek+qHQQQy/dgMjNw7fivovo/sH1PXUEtXD3bnYDNhc2ProUcPr82JY9E P/s5sLXwG95kV72hJN2BwN0bS7/FU/OlJ3QtkiUsBTGor/ZDgIGPJHCLvdTxCr9A xQXI9bEKg3w= =Nu46 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability Advisory ID: cisco-sa-20160504-tpxml Revision 1.0 For Public Release 2016 May 4 16:00 UTC (GMT) +- Summary === A vulnerability in the XML application programming interface (API) of Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API. The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API. A successful exploit could allow the attacker to perform unauthorized configuration changes or issue control commands to the affected system by using the API. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-tpxml -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVyAby689gD3EAJB5AQK2fhAAhvyNTmp7mzXNL4xtg00pF8NDKaYzhALp ekAzt50x6Sf8wSvdMUo9MXJPtpXyovCQ9N2L88hUxGh/dOUur9uQ9cB20EzeXYXX QAnRvkzyGXdpbYx1mmOTzI++wI/nlYQDCZyatX1HZQLGCSPAdHtoYZZIj6zaYHjD vk6nACe/KEaGw3+4VHbRVMS360/A+zgHmxOgzxxZhVlZot/0UFbl1Brd3YmJaejr yYRwcozu3eoiOLScNS3dm4WSYpJF8P5rajxDUoYPugVu0sLr4dqBp9Y90c4CA6k1 kh7QAYGKTTc8LwToekx9QwE1QeYiTjsU1/xyL8NfwjJuMvM+QOdaaSmAecufnQzo fSRAMI8/3N+Ml+BHBE8u4OQyxp0nuBMdMn57+j71PBeu8MPvQPh87o03480Lro+o Ybsf2ISW8K7Q65XgxtPzULW7bumBjN6G19/h+sJaG/gQRH4i4s07AFDasFI+IDHl bktDrEKPgD9QAhYj3VFMkyiOtLlTdguEUOeZLdY2b42AFLSUBQN8G3dEn2kHnoL0 yWqtBERHX69KddYGqq01H2nIe6Z9bMKeH9lw6eyyjE3oe7LjzvH5v+w/zmgEqnbD euJ31pqYupT2Mxz8fAkTCf31TqDHKI+lmTnW+wRKWB/m+VTLoTAP8r1++Bb+Yr5q KIbMTNNqQrI= =jGEq -END PGP SIGNATURE-
Cisco Security Advisory: Multiple Cisco Products libSRTP Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Cisco Products libSRTP Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-libsrtp Revision 1.0 For Public Release 2016 April 20 16:00 UTC (GMT) +- Summary === Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol (SRTP) library (libSRTP), which addresses a denial of service (DoS) vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library. The vulnerability is in the encryption processing subsystem of libSRTP and could allow an unauthenticated, remote attacker to trigger a DoS condition. The vulnerability is due to improper input validation of certain fields of SRTP packets. An attacker could exploit this vulnerability by sending a crafted SRTP packet designed to trigger the issue to an affected device. The impact of this vulnerability on Cisco products may vary depending on the affected product. Details about the impact on each product are outlined in the "Conditions" section of each Cisco bug for this vulnerability. The bug IDs are listed at the top of this advisory and in the table in "Vulnerable Products." This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVw6aV689gD3EAJB5AQLT7hAAnEhIXtGqfH9FEGyzLoE+NZ98c0TVnAQY SzOIo9NAVtEYuPSbnybPiqVnjQGmHgU+BI8NgTLvvs15rxJOSeI040rLBqZQfhMA gZ0P6t7fcyz5k0jXwbITxeFWSRFAOCkIwaUKfVkq1IfHeKO+UFFH0eQRFtMeU1ji Bos+0CJ2fpjTIZyHkNl6IcIPZDtfeRwN+xf0C5VdHk6NIRDfbXY1Tz/qqIE9EJIy O8Ml2yjY8EWAmbTzvSluGzeyXt7IvdmSwnNQLhHhhZzBmJKRqwagm75vftiFsWvy sycEVG9phmG3w2hubqufV4B7LeBSUmF7OPRi+RV2oH9pdwMYXoNTa87tXWs93tj6 tR8FkHfdN0p3EEVmY4RzFAEy5kw+XsIDxiCkioqCecIwbRTJ6JNdLd7O6Cq6XW53 G5uHWG7HMvkRHEhXsvRbiWhXf4klhV/0gk7OXQQ/wVpadXnqP2SeaCbg56NduRvr svfKPFZLsJ9M20J5f2sqWPEPVqPlxqV6Qr74Qh3sZ5XMCUtDWUVugMfgqH9emgil 8EVa2FMk0MndiLzJytqlNUkLUAgjXYEFitZ9MFeWF+eJQV17BZn5kkhnbQ/jNO4F d5dcBBMQBBX9VgNhNkse1kra5rRkgQFzbK9kn7ZL4yVRxIH9pggEYhEklymYkF7P p4CulSF+1Wk= =wL3f -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-htrd Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the HTTP URL redirect feature of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of HTTP traffic by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to cause the device to reload, resulting in a DoS condition, or execute arbitrary code on the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vuAAoJEK89gD3EAJB52hYQALm85XJaGPUEVNKU5qO5XXgS DNXebsZBGXOKiR+4Q/meIrsFfDwSclIXmyK6Xwecxg+ye2thqXyj9oOBIK1svXTb dDb1LixwfvHZGvpjqd38gF6xrzOiGARjuJPlUetWR7IqW1xLiD1Qvx0grf6HFyoC ASpUSKuBRyUs4rYvJ2HewGwgCDVqKWriTZ1ZuyNFkJeiUWRW8IyASkiirTYkDj+g +whHTjdZ5ilzD44aAhdWk+Np7GYom4YAjrhrRdW9kxkSvkTDwsKbZJbBLAXGM2AC GwqxE4Qltw1AbWEJ9w7HXY+SKI0xBhpsm/WBoOfO8kShdT8M0TMxSh8Fga50/C3v 2sZVusZE+3IpqY8CF/1WXYL85sFxNRXhDfae0EiiT1rZSO68zdz48GhuUBllpJT8 AVjupNOg3GWyhFuJzaUlv9sCZT6chwd/J2sRqTNPDelpaMCaLEY5oVeS6noheK1/ VQHAC5DwOer+LR5OmxdG+4ZQbxPSqgFfOxfSxe/pwql3YmWyzFRZQmGkhz05odNH ywalsvEhMJIcJMl9kF4mBLji1hUg6D6XxpxGNEMpfPimiEAQWvKEb/YkC25YtIeZ N9kR4sc7e0NIvysq+2UiIDe1QxdBF6SPZl8HnlYvTsVJ2vBKI+x1uN9dvtFXpW0p fg9E9sebxbEmxJCvhNFi =v8Ma -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-bdos Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the Bonjour task manager of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Bonjour traffic by the affected software. An attacker could exploit this vulnerability by sending crafted Bonjour traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vlAAoJEK89gD3EAJB5clYP/01GkHljmtfoWydE9FD9FrAa /1gaCMs3t6XBpXZhC47V0ykYOLyW2I6eA7J28IIOa9Ujpqlxz2pIU3ptcBLGVVWm 1Zpjc2MWQF3v66DPtvfL7Wr0WZxaQXYN+WpXqcTOkDd2H+VlQRHMzKWYDfD57esy s9KL3gActveVDV/51tXHLXlob+9aaK4aeHzKr13GfrvL55k1T5Ea4670o03lqbN8 Dp7Smlu3MhowJEF/e4HOcBxKLZKrh44IX1M3KMkprvp8H60igP74atHgQg7ZwUym db4DqjMFsyXuMX8m8seGI851OsfxYUi5sRP51tAolBY3EGaWN/+kbI8FCp5l3UN9 Ezlwmfn7er8szbaJ3rzE2yLChyAyeNwL6+SSMhqTWvUfmmwmyP9/OHRGaO1S38tT OEELsiupGh0e/G2FVom/tqzm9KBK8IDWl+JgR2fRWgJjQQkGZoCFVzAGX+l+vXEF lYTlvt17JmXzcozEcndVtdOhOiQOFlOABr1Okor+e5vGKhVfC+9bYCq6hAU2fzH7 Wb5fb35cXXUoY7fJxmLwUodMyjEC/7ZueggmLgQlfyR75d6jnX+VPQXXBSamaaeP peb767C7f59ppK0PA4XMy6z8V0d741nQzJlHBWZci1tfnQvDy38NX1p/+HoLaEGS ERe2NvYmEe2Zt/vZl+b/ =wyDe -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability Advisory ID: cisco-sa-20160420-wlc Revision 1.0 For Public Release 2016 April 20 16:00 GMT (UTC) +- Summary === A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the presence of unsupported URLs in the web-based device management interface provided by the affected software. An attacker could exploit this vulnerability by attempting to access a URL that is not generally accessible from and supported by the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXF4vBAAoJEK89gD3EAJB5DyEQAOZXYD8FI8cLQMVasgCJ2rv5 K8kiwYTZ6RQj0PgdeTk4Ed6UMbi0iT0XYt8E8lo73TNCEm9mqN9nPCXX0Kxsa/06 +aK1yDgB+wxbbrvQ+JNDO6GHWzcjB98giv6lVN8dTDzO8nEP12q1EvV7xKREc7Tz AJ2xTEOWgpTPEwDG0NxA5ihsxjtPRj52w1m0uxJladV1VFlvfGqmiA2NK7PdRUjz +5FpbVNG/fBzJCkjQQPjyZViYsAPaeRQnQMfIUov6D7Ta0RYWe+qlSwjmfElR8Pb BdeACjVsCEZ+YLrQgsyBXZ4MVf8+CL4VdC4M4vrRnxWqVatqdUqNVlsGrovyuVDh PijWM0pmS/yk12M4KIpjPzPlwJbC9vs4s7qaJXaP+94YvtJwzGAuT9LrWohMExfJ kQmmCn+Cy/TpX4qMzbN0i5+n+at9KPqHRdSHlnqCTY8eQkxOhY3vt6fbl1z5JkMh vvq3C9nXC6cQ/Jat36MmXRI3Ky++CzZ1od9joRb1kRAijlM7ZF9hjC0cqsWNX9O1 4XXo4wZ/VaJRUWmSHTMsjY2Yk8ccq1bq8agkOQm+sSBvn36LVrjKpC7ZZEIavnwt w9A+xLOoVMffa8QiUnLzKu9YuztfHmpWt9wsalhBwaAxeXtxNKKh8GUUtucDo6m0 fclgfYYNyMiUShiD48JD =FKA2 -END PGP SIGNATURE-
Cisco Security Advisory:Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability Advisory ID: cisco-sa-20160413-ucs Revision 1.0 Published: 2016 April 13 16:00 GMT +- Summary === A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-ucs -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXDnP/AAoJEK89gD3EAJB5ebAP/0ebMx3m4efcj7BGwzX9S6uH WH5kJ63/MdIl1GOHme8YkVXtkMMgfGTmSEbZp61OlgqDfUiOBd9aJjnX/vYWPvBo arI0NC2Bn15/q3fMvFm+Kuhbu/a7pB964f37Cn5xmTTT09gaBIM8YSUf+rE8yejb nqwxerngGyftSrj4U0v8ePZlOAQZptpROYxpJVjsx2PcLhV12jVrCPJnyHjAQkCZ Z174n6H8LLbNAb5DQBqxzUEK6tmUrHG4w7AxtadnWHGi6webotvO33W+enAz1/hZ w5FjoiE9Q4kQMCR6CoyltsQFgBesT+e5D/ujrtCvhULAUXhGkLqCCAITxknsUcbT bh34Er10+XHTC34DlNt2iWZTZwuSuvfNcpDphuFmVffHaG3PGTwOnY29y1sxw1qa w/YO4OzXfTEQB9vFlp4x5pFTriAqkg4aqmVJ8s6Xek8HTv3TUFRLlCUd/KqExaaA 19jgZkeJaznipkSeIf2Ez3YT54B0bIS5hBy2qvvjUbGLXpb7FuMX4MU+rg5Iz/Pd XzA++8NJS19Bfy65qFRNeDfWInSXMlQY2eN5yGRIg9wyO53FVuCFbeNVNSZJyS2d ISDIqCz2mxLZsAlhubat5TltLkimFUCtQ98IUWKjtUvTeUEPks4W2aLyU7NSlYI5 si1jM2s3eKYkXAN+9fSL =B6H0 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160406-remcode Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +- Summary === A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input. An attacker could exploit this vulnerability by sending an HTTP POST with crafted deserialized user data. An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be used to conduct further attacks. Cisco has released software updates that address this vulnerability. Workarounds are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvwW1q89gD3EAJB5AQLU4BAAyVleGTpbOO2B2/XM1NBCcB5qJ5K/DrSd hmyLpLBt7AvVywWTT44ofYUusDvz4tuAYOKq0GXrF8mvJyEP0L8xTZgKzusMb1p/ WxXl9PiyX72NVdJGT3MArrJrq+rMOBVzArU3ytAkXpVWAEU02XRwEkrZtYRGW0aV y32fCOl6kNQTwB8eIX9ncZZ1tsRbpQfEpYoBPuRJ3JYqNb6r32YTbXRsiJV5RWTI cxDP685HlM+07tx9VkGha3K0jDZUMWAJNmMl9mmYIClU4rVnwJa+d5vupCYJM4b5 7C270KA+5gkaJ0eadoR6Cws0wJ3661x5xodL9NR9E8h7je4d1aI1R0pdI8slaLIL 2doba85zsMZskjrxd12Ge4oTwYvCfC9CthhRKtCp+MNeJXyBIoDBFEbHMTmD7zTq EKK38udpIYR8+XEetWhLhDdVX5bw/fvWDjb/CVe5bTJ9JihAZgAJ+l9tjnK10+lV M0AqJ6kTG0SBlUKAxZ9gy3STcg5P8Ttil4FV80WsclGCAiNl6myUIzCvo0OhERUC gVuJEl2VODOADi7iqXV2vLpyz5cwgGgjEJ+2oUMHn6jycBzaUqzknbe+hYPC5pn+ NXWTakXyo/8kGrkK5SbU3IsZAWIiOs9GBS1X4GWfsTbrtl6tUxjX9Nix91xNp3zu 4h9eGOzLkus= =z8pz -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability Advisory ID: cisco-sa-20160406-privauth Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +- Summary === A vulnerability in the application programming interface (API) web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to improper role-based access control (RBAC) when an unexpected HTTP URL request is received that does not match an expected pattern filter. An attacker could exploit this vulnerability by sending a crafted HTTP request with a modified URL to bypass RBAC settings. An exploit could allow the attacker to gain elevated privileges on the application to view and edit unauthorized data. Cisco has released software updates that address this vulnerability. Workarounds are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-privauth -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvwYh689gD3EAJB5AQLLgRAAg4xrATdBkx1HDJ8ayV+Y56veWjyLj+HT 8/3ZMHYiGthZ0/auH1Q4iGA6A9D1GSoVPaIlpnyDa7FK7o2ZYhk+HQ+6rcS3axqU WJmU9Lirs11MResMOJzSDzxgAeGcpW2baLBoYsMCv/LceJNEN4Br3SSG0LNWaVhm kolE4HXJHsH3BXiOX0gx9QIOO8DYc8CT+p483qaYpj8tfH7RbMl3q4pcRseFI5LP cNO16YLRkunlD7CgUxRleU2540WJr88BIFIL+qSSiW2A0uLiZ2jPd7Nsgn8U8/Y8 djYUJ6j35ikJSbZ6pUp3O1+RsGuf6YWCXDuE+xCnwBhIsvVPOi1MaZS2YM9EqV2I zouPHVeGG3ML8mTKscDusHqBdT/NYgAWBVn+wvV1uGo4/eMdEzGUUOj/ucyl80Il 4U1hdJWsbrcgEQMn85a3BRDj/r33v3XEXAhOvuoAJMoBZn64tUFccqBlMuyNVGg/ EYQGLL+F/OxqZgt5efwYrnQtnUJvaAHvHPNvSui4hEEMxUJ21lK5wDsS6AL88hZE GVAF2dNTem8Xi3g3+q5/6V12XLdBJoLGVbO1BqYTBoCQrw9J8dnZzXF9ZSFQlXoX a3qM8eGytch/+GpZFIQEOyT02dZJ9qnKy+PdTNV4sHYFDuCLV79ek9Qs4XlOx/kJ d2vFFqLF/Ug= =ICvg -END PGP SIGNATURE-
Cisco Security Advisory: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160406-cts2 Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco TelePresence Server devices running software version 3.1 could allow an unauthenticated, remote attacker to reload the device. The vulnerability exists due to a failure to properly process malformed Session Traversal Utilities for NAT (STUN) packets. An attacker could exploit this vulnerability by submitting malformed STUN packets to the device. If successful, the attacker could force the device to reload and drop all calls in the process. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406- cts2 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJXBSEeAAoJEK89gD3EAJB52JIQAMfj1NBNDPnO5Aaxt7q/WF09 RN1RVX2VCbk48UX7OyvVZ1ipj5aLoi9S3mV0k7AL+VsYpdW5XaLEbAqCV7vTmM8o 1FfPVVeWdnFd2JTfBOP7lHwJ1Q1p9IarlCAnIUIpPfJ28V+XKGpgsI1gioZo+6Gy oe1dXmbiBXOYyNyZSzWkS13ydZjN9lFWHoN17A7vslHaD1mbkoj7qSL0gzmpk8+p FDycKFIVDqKU2IfmFdVbDNDKUvuFmTSgdOx0cB2BgHuM+K6ftR1T26/cQbynFus4 jUbKQZ47019Cdn1YCePExn+ojaiypvI/a4JGRstiVtilsm3ulw04GiTRUgKVp2mG J04CEAYnxcIqjZZJfwTP6AAOW7QjsSMDXvq8PLR8xZYgRqTlD52I5sdQCl41gpv7 v1EsQKiOXVhV+79pJrq1IDYWB7FDkMAV9WDoYTJCg9+ijPbkN2HCtC3EOvXCC58e CDHlybCYQDbp+xX3oZDTx5j63fLNeybxdYP5poBOLzlWgxClfX/6DcaQ11yCCTsW Mjjp8WBvtWQGDIX4KvUbUxijGhn2aV7bw4yFcdj0Gd5P+hU6VEQOmY7D/IoG6uu4 7nlYu0U8nCadZIW22KL55hMwUSsZOOZPEFnOTAfQuNOY2O2+PUWQO/quSUJXG5Jw wYBRpLBK7sHzPl9RzBPx =UEZB -END PGP SIGNATURE-
Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability Advisory ID: cisco-sa-20160406-ucs Revision 1.0 For Public Release 2016 April 06 16:00 GMT (UTC) +- Summary === A vulnerability in the implementation of intra-process communication for Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH private key that is stored in an insecure way on the system. An attacker could exploit this vulnerability by obtaining the SSH private key and connecting using the root account to the system without providing a password. An exploit could allow the attacker to gain access to the system with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXBRJCAAoJEK89gD3EAJB5muUQAJIURzgd5bW4RE6IG6NqznNq 9zL084TWr/TE+lg+NgMQBWc2WqQmxm0+pZnBKpPpmTJ53Lu4yxs0X0ugEpO27r9d l0JVvntCUBwhHogOSCrZCRiqMMMRvC1rj2iYsKIy8khfMfe8/CMHhz/oau8IuhfM 0E/AUTQCTtX6shy0igKXQ6AlX+VZPXswJVvmVdKPB4HOX9/Oc3pPGJ1qOLn+TY3x mAX1dgN4tYqZYnIqY/a9vkBOm/8vd5otW8FgrqrY288QohY7ixoZKEBXPYtAYhWY cmuJjlYgXAJgiHohdEtTCI9biI37+sRURX2RALRBRIKohCfflYpOlVwyczCBNmoS Hx8Y2GzEP8q1BYtNWWekYY9hlgFwnKh8q3M0YNxQ2hW8iOLoFdEnMbIF8YMmmTeU g3HF7WhgDXaLFPFzlT2HrICXvGLz177vDVocEugg4ygbo4Xd5MVZqkfsN1xUgAuG EqVnhoSpRaA8syCg96lJ+dN8BNd/BZKaFWXkN22WGWM+vR9No2NwCEAijiI/u6bN 6S1i97X4UD/SKPUDSr0+PSzWuAlva7vT078STrBj5FMm3JSbT+Q3SbbYQEE98esf hOOV0gOoTh2fkD1eOzZKK3jv/PfTykjJqrfhDu4D1HFvDYL3mScfovXsOZwYtEMx xHRnUExXIaFVEtEth38e =zNe+ -END PGP SIGNATURE-
Cisco Security Advisory: Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability Advisory ID: cisco-sa-20160406-cts1 Revision 1.0 For Public Release 2016 April 6 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco TelePresence Server devices running software versions 4.1(2.29) through 4.2(4.17) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability exists due to a failure of the HTTP parsing engine to handle specially crafted URLs. An attacker could exploit this vulnerability by sending multiple URL requests to an affected device. The requests will eventually time out because negotiation from the client does not occur; however, each request consumes additional memory, resulting in memory exhaustion that causes the device to crash. If successful, the attacker could utilize all available memory resources, causing the device to reload. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406- cts1 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJXBSEYAAoJEK89gD3EAJB581QQAKhG46xic2QPHtFkdwHSL2YW EF9nGj7FpKHFSCgvDFG+cQdYFmeknvnoUdBwyP7uyQ47sUdg65hyQEDXZi2PrQIx PlxZ/h03VXcz/S5H9qFDbCoez5BAFxA/rfdzYWGQPwQs4SxPgrK5Y4Ybkv+HaiVk Jt/wzJZGoP6HyBntzs4EByDbDFXo9qtmU+IhsJnC0PULT7M0AItzABBlGPcIMuaY wptbHaCpB9GXNKXV77Q4C7snqx1XJBpcWuegDe3qTkb3Z+9Bke6h/ZXUN9ntAipS rHt+fmCQ/ZJZgjRiFUmGJ1Tn3gqzJg2sM+BBz7e2d1wlEjXsKAnm1pahj3/xD6gT z8w+4Fb2qUy937juTogT3vBVbZ23TCs6u8Nb3CsHBwDIa595lD540nC8BeS0DQQ0 D/oahFe8GKA3oV2txcsdf34JPCOq6Rt/yzLZYeZWnDaiyRSWpGk0BPFdWzak3htn KzOu/BWiR3BkTnCCk6n3xnp202dIIy4modS8/LSWW8DUGPEpabXQSEq1BBQXpvtL rKrapwWOxi4PyS0TGZZlcmpyJQHjTAx81gxlwRPZGQtFU5Va+HkpDBfVCDEQE/0B Cyk34VQFa5OK78feBYSn7zgG9wrR2er8uHgIKI/Wb/pQuONu85FHrh54lHdR4jKK rjbrd+a06J8wXEwDEoaS =uw3X -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Firepower Malware Block Bypass Vulnerability Advisory ID: cisco-sa-20160330-fp Revision 1.0 For Public Release 2016 March 30 16:00 UTC (GMT) +- Summary === A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input validation of fields in HTTP headers. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVvKwFq89gD3EAJB5AQIjFg/+MHsKskM68q7HIhF7EB6yN3Pjau4/1bPd 9xYd3UJ1bh9jmrObAlwEIL+P40WUKQCO23Z/66opMboXTBSMLrAe1/2xMevx+6f5 Gkl8V1Ew0Ziona0DE3D3vtdPTmnY19KRpUwIMQbYsiKs2SaxoiX04J5Ny21+Uxvz xskTGEW0kX7HpZ2kWODmBTyLJS1/59SJ4WNt7Sf57FOsIZRg8tk4de27yavaVqbw eFZRYRYITnW9Ks231NhJJErM64qCis2r9yNxU5tP6BbL/CDJNbcsbqXif2t4pDCZ YLTm3sIzfLpmz+YCWSNwcc+UBe34ssmV8zRt3O51mruY7cWKycanvrHq+S9xURix eVoaw+PWZl5kI0RMqQhT9lKR/INXR2Ek93KNPOJXYKuEk8UJA+mVzphUVJR7tifH +iPK7SEEPASodgE5S2lP4d5iUV6U590eUABcfSmtbCP1a80lHpjXQVmjqIa3gnEm Byab7fxjDDGfFcnMdndWyJhEULPgIo5BCg6jMCw9SWvK7u+rSqpA/VaVc3UnvU2K xBTSm2DKd1t09Fo6x1rk+mLOhZ+Ch+7JLCcJxNJe9J0+a4YyuHE99RgV3WmGqOb3 Kx8ojX5yF6KqT+K4pZx2LKwL8rp+r5lZu40EIz0jrFGhKKXftLOADWqMbFwZOxKR xUMD/t+aY6s= =sOTL -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-l4f Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Wide Area Application Services (WAAS) Express feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of TCP segments. An attacker could exploit this vulnerability by routing a crafted TCP segment through an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a denial of service (DoS) condition. To exploit this vulnerability, the attacker needs to route a crafted TCP segment through an egress interface of a device because the vulnerable function is an output feature of the software. In addition, the WAAS Express feature must be enabled on the interface, typically a WAN interface. In most deployments, this means crafted traffic must be initiated from within a device to exploit the vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5gd8QAKIvLg7vwXD/HuiRHNVVG69u rvYEQjI1/fBYFUOba4oX31JcMvgSo1+SLDnpXGLrhnbE0+tZXUcDatTGARsaUYMs 4sC57yPf8gQe7kCujGf1Pkc18nF3qoVNKVwsMIpvBKLWACEg5QCRdHRWu/wJ5XhW q/PkwC5O16gtNC7CaQ6RKO2tnRJhvknJ6xsOii9YA7djSVVZw5Tzqnpvi6E5ztn2 OTFKqRq42h0WS7i2FPEcJlZVrGclrh2dRczlSFjzhK+VeRgLAYEp1brGUwc02KkJ n9QWn/B1tlfm1Rft2mGFyggpgVvGQkCtsRZIII8ZoFOHwXegdFF7/U62upj8u6zf T1JrtnAdSCGkRdVjLXH+VKdG0+Jgi9xqXrjP7XC2xsUxhXl4WO1gzKPFD1w8zrcA 68E6aN/jFIJbXDEMTZRRKnoPCt2cIS90aPfukDNA/6xXx1j80+NxWNEPLE7MSgpy woj5zr/1wEsb3ndjXkEQpxLQVeRr3nybrRpPEYVnmwRpZRq4AsZDYemv0i2i9frq R3CB4vMmdah2A+jZXImMIfYt4HHLcndbYgCd7+CtfXdnLZugoKaIG65HYuRfImyJ ND+ERscodpJo99ojNETIpwtraJ4VvDkqC7Mv2cuWBVJG3tD0LOmSJs+HWOQuxtxC XDxVegi2KshtmhYIImHY =UTvK -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-lisp Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Locator/ID Separation Protocol (LISP) of Cisco IOS Software running on the Cisco Catalyst 6500 and 6800 Series Switches and Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an unauthenticated, remote attacker to cause a reload of the vulnerable device. The vulnerability is due to a lack of proper input validation when a malformed LISP packet header is received. An attacker could exploit this vulnerability by sending a malformed LISP packet on UDP port 4341. An exploit could allow the attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-lisp This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5IbQQALgBYRKsbfb0HRq6PwrX6hXZ YSGvdheiu6Rk4qRM2xGrM0wX2pzux7iEiP2j9Ts9bhCs6Fhkh7RDWdSN06p8PzOy pxaKtqIDnG838mhhDtoGkKB2LW+KpMK/5LxC5vWXXhYJ9BqaGZUXWUQQOgPfmfVP mkYUwc3VrvEOfvrEE5DGgjrNcXWb6WzJPEyDW6icTOftl5m1Rx80Jstf9aPx72Dl MYA7VuzzeBb4jl4E9/QyOEXw9m4l0cuk98LLlbDSu/Cn01hEUjLruWUubANxmxDk IZv8hk7aJcLUQd5J3Go0YYZWWUq9rvivguO7wzlp7bXBr6q/XNieFqZl0T6AMuBz tdA+FYfPbkbqNnbxodcSzphICVMFHX0SINBHVlstMfWzjwnHrgipa1NPDEBLDoxk lglefU5zDxlM34Bh5+HSXQlRqLqfOhoKpStUX00DK68LtovElLQtfFRswmFtIaMK aunBRXLFfA1rig6s2kPC6eyovYGPaph/744EfXcrSL1h5VKEBhFCRa8bDY7TpeyV ZgFDWYA6vE0goEbHGH9f3L19NNrWD19t4IqhPdPkukgMZJixjU73tJwBYxKDwuAZ lsvyK7iJrfu4zbzJ7+Cr16erk8zxBPWgT7KqDwU+rxYRet/Q7RxhNtwOYbWZfoBm OhYo0ifUMRG2+AMJMsZI =v8Kq -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-smi Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling Smart Install functionality on the vulnerable device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU7AAoJEK89gD3EAJB5q20P/in7eAKdRpzbhxKKTtgTdB1G swqyajq6ny5JYarnyGUewUsHDViY5+Nsn1LHoqZR+FTONcTbdPVAK7Bg4K8Zlyzc YJoDN6mBrFt4tBAMQ8OnNUyykEQOj8sLWNp+vHJXNQfG9DkLBPNexTNeUXnIUIJ4 ErLfEhP42PAgnh0LQDv7KwcvwFEHuRxmNgvrjSmBGCujQLwRWuIDIQNglJ3iM9Hl SsOeKbtkGuOSd34hfQWER3nUxckNexR7vheFIdG1FAXluwLH7LLYx4UngZtneyIU g/XDPBZ93kvE5BGxP3bXGzL8fZKRgqzO7y9+nk+21wiCKgfScB53u6SRK8zio6oW LzrJJGlJf05Oj3lBACthDxHQMB0K1gSOFfAH88T4Q7JcTqEglL8Z0Wt/PnYkkh0e m97/bhTCoq6s6kWOwd2y68h65QVkHzizkhR2iqU0ZV/2sckVbvsJKHcGKnSZp0si qsrTrlm0jcGD+PGM1f1oGu6C6buzyO5ZcE2RXRDllloVaPvwMnh2CWvrJpBDOsqd qBXyFBiuEBGkUECroOEnBALNiIZ/n6V87rqBKINQWq4XQqiO0+Mqn/QBhCPZfv83 ZpAxtGiKyOnoMKS3CNjRJV/+lRH65Oy1f51kmFlGiZEaYnZ3Mqq0ikXVO5SNKDQR 1ze7mSr6cgQNQphyiDnv =joeO -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-ios-ikev2 Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handling of crafted, fragmented IKEv2 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2 This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5tHcP/1IOH5dlfWMZD1qNngUnCWzg +ck1Cm1V54sMIDvfjFANdElPi8PI1nFnJ7Nmg6RIN33F5RiREIKy1CEgxAS4vIfB XkgiIGnLhZ+St3R6mgVIHhg+fMJnmBTvxoKwEp/YN1xjNFf4p0hm8B6+KCu8lb0r gDvzxzLo7KZAABedlm7lpqAOIRMPRxA3BApzqMtkIUD9nHLxxWUZWf1jsD0CzQga sFMA8HICaGA69Ldh4YIjC/wkOGrstQIdLNB6EES/klriXflD5p+WFb4zIBfy6CK8 WKbp1QOuqRvkGJRwvAXJ8HgS+gkA+jSxFH0i5tUHR2OvJYm9IsMhw2NJtnDLXv8e UECVlkwslVzac5pGOnpVaK36QYeH5ZAoJuS6Rf6u8kqI/u9mS6qxQzgmZqCWqpkD LAbExAmPg9mvLU225BCkhPs+8Uhbcm45DDt3IRLcCk80P6dFPXXJQ5HVKFIao7MC n10+crFbtAx5Pcs2pFARYD+n2QPuP6iYsh90/BAD1VLWhJFfRc7JbAeHPmai/7RH 78ZGClwqY4ApMejnfnpOiH4VOqApPp8erCdm43Kl7BgVaS9W3Ln9vpipZ1jnxkKq psyLfpDp5ffN/hkO7XkTEOmPK0frypBo2MvcpmAKUuJKhwlGnW5Fc/48s1YoIjRk JlU3J3x8YkKFgxVTKLVu =uD60 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability Advisory ID: cisco-sa-20160323-sip Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the Session Initiation Protocol (SIP) gateway implementation in Cisco IOS, IOS XE, and Cisco Unified Communications Manager Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of an affected device. The vulnerability is due to improper processing of malformed SIP messages. An attacker could exploit this vulnerability by sending malformed SIP messages to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling SIP on the vulnerable device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5EtUP/istyjPt7PTc/nXaKV89MRIl 8AWNXgip5FSt4hvMh+EPXHrZSBUeAUV/HTRhbPukRedLlmCLQ8a9arnMoUHgqQIW yZcgiOZNNHuI4hyM+x094Z9WTCFWvBGbAftjAfFPqH+WBErUCmbhAMzvrK98vfkQ 17ArMN8Jn4TtsASoSN6BbYT3NA02KCsL6F6b13XYvnGA6QmvWLAVaIK7y7zbLfZD 5Dmk7YiDjqp9wnEPZ/HbRcAsAKVgpv8MSHXJ4ShRYG1pblM5aLzCoOlsVlyRTY2H ClMfIX2LuUT6xqJpj1gjHNLsxfDZ+za1n4qNOKsBXV9qjl5Q64kUneQHckWCa0kN +n+7IYMvbVZh+PWaqEP6E/mt3ok5++empwxyhJE4/4rhrvIEgnSk1nynunoli8bZ rC29txodCYfFdilpS+fynwl6hWNymgBNAxt1YX3AUaIwIeYwKNvn8pxhfYFNBteJ eL1CzkNbpUVsFqfeH3iFekZ4J4IH2mZ3mU9FuEkEmlrgktCcluU7xCzu+hr9rGMt GDnlXKmlA8feqkMX42DnTLV9Ai6V31OOcoPOdPU8erKnqVABdsalesUWY65tiik9 waeHcGRCXNZ2PIFl/mN1fHEMvRqFBtLPD17Evy2Z/ag4Id1UuA4B/51JooSnn7QM oT4W50tYItvUS2QBOxCX =XbF5 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability Advisory ID: cisco-sa-20160323-dhcpv6 Revision 1.0 For Public Release 2016 March 23 16:00 GMT +- Summary === A vulnerability in the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 relay messages. An attacker could exploit this vulnerability by sending a crafted DHCPv6 relay message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6 This advisory is part of the March 23, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes six Cisco Security Advisories that describe six vulnerabilities. All the vulnerabilities have a Security Impact Rating of "High." For a complete list of advisories and links to them, see Cisco Event Response: http://www.cisco.com/c/en/us/about/security-center/event-response/cisco-erp-march-2016.html -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJW8DU6AAoJEK89gD3EAJB5YJgP/RY7X+TuMWSKKRtJq6W9c0J8 ovaSUjvYpIdKcp+8JtLlxjn1+PELJkDpFKVmzmzK5S1WDdaBzpjD0edH7b+7iK4J t0Uoz9tr4yBhkoskCRTqGopie63xoqScPYMHaKTTO8lo+4znQt2ykylOZRkDrdGH dL5yX6KJ68adEtj7QwyDAb7ZD9mEEEjySgtJAnz8u5KuLNJT3p6hRLMMJXkD2wPC sL3sD6wi9Ew92hkLq+BQ50qL7kBqGJb4F+y0WmkSiDcrfi/8ZcVY1+cyElrQmqcK cG/qi2FbdCJKcIYIWo9BoBDHsBMuQ+R9bgu79YR1Ux4PnKdElKgTQdFUFnhPzRV+ lsMUkV6NHheW3YrqhkUKHEcZPNxAFwWiaQKFcb+eERbV0X5a651xsRH738lSwMke HY8ewzgNfKL1fPUsH0hGypWZzriOq3gTBZ96veVaXLzyWopyYMH3nw4XZxVeVD5U 07xLfY/3Sq/0Z/kwRXICF24qOGYhLuwLmKJtHyUMXF+YyGN82JwEupU2kY8XvXzv X/fdqjjQL4bN8C6GN5RUsb7HYzYLtWohLklektXWdwMSDw3Zjri4Kh8YjJMiyd8M feMxzIogHHLy8IL07xGnDPYFvGApq6G9hmtTikMANwmPtMix0Rd/YdCufeeMx4WJ 0sJ195oJ0H1n6Eyitkxt =gwyh -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Advisory ID: cisco-sa-20160309-csc Revision 1.0 For Public Release 2016 March 09 16:00 GMT (UTC) +- Summary === A vulnerability in the HTTPS inspection engine of the Cisco ASA Content Security and Control Security Services Module (CSC-SSM) could allow an unauthenticated, remote attacker to cause exhaustion of available memory, system instability, and a reload of the affected system. The vulnerability is due to improper handling of HTTPS packets transiting through the affected system. An attacker could exploit this vulnerability by sending HTTPS packets through the affected system at high rate. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-csc -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4CazAAoJEK89gD3EAJB5o5YQAMQYMbfDew3kqQ9ntfXBuySb suvOc20TJ+/mOJ+nbxa/afXaTh3wYIdgVBoGT8ekxGm4X5KZPVfJ5clV6HFxNRNd M5C+EFXPL3396k9ec3lipGGR2a4wzLKoQY9sKjeNyY3Nq1pumTTY3iPcltMEDfaN VM5FrRJIdCCKEJvoLmdZa7vLkt9O3aqXKlJQuoHcYmYcTnUrF8Lc9KsO/A3CMDLk EnTZrtXyiagNn3uB7nMYDiIwFMEFt+MJSIDh1Fr8Hpd/eRLv8nWetLvfuhfwdGmC lREb/ozJB9pDrutxVV7DYUKEEakFdxeBBxGGwcUAIOY99RjBwvPZqw08rd3jNWI3 K7DTYptb2cOCMNMGaaUO3Ei2u4hpgL//Dv9Ug3wh87S6hThKriMvtRNL1895BxBP HkNWrRVvJmczXo9AfY6XOIej4FbQ4Is13WyH/oR4X8vkuhD7ZcGsfQFK7e1d/Kw8 ShXr7bp+XhPBtOfKs4ETISZ9zREVlrKh7MKb4TJtFIKSIQ/WKXvFALWXDBEAueO8 r+ngNmHzTzpcG2laL8t/M2dxRKL6Dl9zK5LhsqbrgLHi/9d/iAlid65ri4R+hcao UcOfLsO+ag9gpLc4eeoJOFGy7Vzfss712B/gqW8DKXFo0yhf0YWBQeDTNO6DOpeZ hckk5kAkrcFSBoJowmC1 =K437 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability Advisory ID: cisco-sa-20160309-cmre Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web server used in the Cisco Cable Modem with Digital Voice Model DPC2203 could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to improper input validation for HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-cmre -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOuAAoJEK89gD3EAJB5tk0P/39wydK60UHWXnvBw0CgmJeY 2Z/ScvcmkXjtVbNeD1c38JkmXlm383BS+K7wPpUYiC/UslDfojOB2Tx1/WYy/ESG b4AcOyYrYgpEieQH3paGWwecjA75FGvgu7xoByRcA5z4HlchDLs5m/r3sNRG2Pv0 ekYa9S1pUWhGIW6iPcbq7RVYPw9KF/YlE8Omn57bTNRXZ4B4QVH0PWPpSGG/zy9T VyrAhqFqCN8H45QycqSuz+4S7c4tr8Tz7AYfvL2TH4esdE8gdt6bG/j4erYTvP3v 2qSWDd8760vPStPsWdqhNI+kMYWUGmql1M4TFPfG1YEQ/QqS6axaKySKzXzrbf/j OeTUq7ZWm803tZDpbqSWHsy0qvqfkRoxBf9FVtSGZ/fb8qnM/7UINesd6VlFbIhx F8l1Oo250jLekfCEF+RY+P1MiWhdd1G/RCIa64bEfLENe9KZTfwatm1js86hbDbi LHI3SOtt68W9Txei007lCngBZbwe2QB66S49qe6CPOr9qopW2rwtiIyPL/FkbzkZ E1S9g+ScTYyEZEpjZSPNCA6ztLM4q2ez5dnbH3iGeMnviriU8FCkutQDL9x6lVuW Edj9n+nUdtn7JhpTMgspGrMpZsikYz02fuW9NxuzRK1fOSDFdKN8EBcCXHuDfhf7 ujCtz0djzTyAyB7q1FCl =su0m -END PGP SIGNATURE-
Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability Advisory ID: cisco-sa-20160309-rgid Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device. The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOZAAoJEK89gD3EAJB5L+kP/3k8pRmQQ3Dig29KOdQR0bP2 6UI3pty+tMylw7i17/YBXgpubxmz8hyD+q9yqTwb97a15BY7/89PJ/SMmAlp0z7/ TNC6OtuTYRNovT4uTs4h8LC04U0jWq9Z/caSeHRqn9HpgKWv+wxq0S3A5pVWYiSH xfdt81ek2fj6ZND4hEHUQoVNrWLDylhirbGcmTe84HkxUDeIyzivSlyDovfedijc 2hyWXl3DRD9UqoOEW2zVy74wn7BWANCmWXrlPxsyFfSZyMHsZlSGS5y8Oe8Cearm 6wGyGr3NWRHX1baLEIA4j/oeSiooWsHLGa3ja+Td8p/ADK1h/nlnwBB9GxOjJoCQ Dx78cf7Aa9UbyUjviSt4od2TDxTg4D4n7zU4fglBqODX0nw4sUH7Rylt7ce3ZzEL Jfgo9+W4JQL81SA+qdBiCpMLcgR+ChAALcXti4WZolOPt9Iceo9ahYPQe+VUbfLR OF/sSFOZHZM6gRPlkYhF6if9ZD6CZ1jgMjuSoWc/pAsiiRCmzdXIev2UcVqVnSTE nnSppYjVa3E4hKzR2VHQHmRtNYfTNTGVyM5VCHelWzscJGhAWeC6pLgyOPqySRvR hsC/XM31sa0E9GxmqQYyJD1gqDmwrS4DPtLUJkmv/3zIU0bbFkxAcQz9pSfOPHgC gfpjKXGVQFqJpiyuFJUm =rVTy -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory:Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability Advisory ID: cisco-sa-20160309-cmdos Revision 1.0 Published: 2016 March 9 16:00 GMT +- Summary A vulnerability in the web-based administration interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA could allow an unauthenticated, remote attacker to cause the device to become unresponsive and restart, creating a denial of service (DoS) condition. The vulnerability is due to improper handling, processing, and termination of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to management-enabled interfaces of an affected system. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-cmdos -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOlAAoJEK89gD3EAJB5zRcQAJJyH026GIx2Zntj9Z1Of9Wi +jGDY9tK3JKLJtpaNsUA96lfFx37lXvxCitevru4JgWoXgUfQzsEOvu9QYILSokw 1vGF0gSVdGLg2MQEN22l0wdaoLPZrxPUnjza7W3f+9nl3xQ6s+i3EgfI3TkEFasw t7ns5S2BmSp8qAoHSv+xdY30YY/DreFu9INsKAbPf0qgOssnyZnPu3MIsG/OUNXW ra9QHDrn37yIDNsaZ/qKyiP69O5u1eVHAFojFsfO8u0eU20GrAF0xYDydXHMi2VA 9SFOikOPbOB45l1M41L8JFH9KDoOVW/h7rh8ose4FoQwtu5Vqe8SZsHoEeEyNkO5 +va4yzkNt8fnDXNlftIy9SJLxcgZsXhqM2ljoYOE7dS6c8rRA2CwqtBvL5SUTBLa LCroJEEhhOKJMlZKkjMuoRfvMGyarxZWd8Gc9cR18mSvj4M+37XS5Km6wPAv+C4e goEcJprFHZrE6jMVG8MjafLf3UmZk+DwIjyGpQFY8+UDOQY13KFpyeogMA3c65Ob izn+fTBv8sygSVmYt0l5DMl++yDHP2L5MC88psvOzZYyLIgCpPki9Mz8ILM6Kudn zEFUmdDlvV8hR2Rhiwvh2iJN28qG2cpkvTMtXCXy/TFH6gx/TpF4Qxz70Wql6+rB zncLin8R6mnDXbPJ7EaS =ZTRO -END PGP SIGNATURE-
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 Advisory ID: cisco-sa-20160302-openssl Version 1.0: Interim For Public Release: 2016 March 2 19:30 UTC (GMT) +- Summary === On March 1, 2016, the OpenSSL Software Foundation released a security advisory detailing seven vulnerabilities and a new attack, referred to as the Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) attack. A total of eight Common Vulnerabilities and Exposures (CVEs) were assigned. Of the eight CVEs, three relate to the DROWN attack. The remaining CVEs track low severity vulnerabilities. DROWN is a cross-protocol attack that actively exploits weaknesses in SSL version 2 (SSLv2) to decrypt passively collected Transport Layer Security (TLS) sessions. DROWN does not exploit a vulnerability in the TLS protocol or any specific implementation of the protocol. To execute a successful DROWN attack, the attacker must identify a server that supports both SSLv2 and TLS, and uses the same RSA key pair for both protocols. The attacker must also be able to collect TLS traffic for the server. This advisory will be updated as additional information becomes available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) iQIcBAEBAgAGBQJW10S9AAoJEK89gD3EAJB5NdkQAMtgK0CXafb5RAErJk8tL7gh ssAHSfxqIaa5/LtPKgUZokFGT+lr/QDsjy7dWzYXPOux/sPENgIQZlqwMfUEEw3w BHIx1H1KhJ4BFKAZTOMUjUmSQJv8rPfllekb87e4sK5+wk9JHO2azJoJ/YQlryBc b+DdHaltS+bptQ9uai63IVWz8ATDMtdCC7ZeA5lKcx184kVsbScawP46KQCHJwij IJZ0oCM9B6nagDMH75a53u7YIWz7ugs1CQgUSOoUOwdmgzNWEdohJ4uQL5epwHmY BDf1pZUMjemZyiP62aXQZnta6vCF0VLC2lrrWx2bfFOHfLQ5cv5ZcAS2CruzN0Y3 ox88g8xQSJkUYggqtzWsD7zuJYN30D59dsfWBxbAjEpK/bjcQnHX9+3oeRuyljBi L//EVLliYDTCnr/9+u2zCg42H5gsodEGscQZAoHLXvhDTV48/CaimpcISRyudTt8 8bIwgCvB35MbEcH2IIpzbIRjvmIt98CbxQGD5e1FGkBm1lmKqAoP77+h22IdAKh4 8YxN/W7qe0P1mVSfJVu5HYu44ZKKwhxd5ExT7NGCugJdEEB5DobXrsyu0jxR6gdq VCR+Tw2Xbk+Xuf+lL3cfUaMz+V2Bvqb1zVJpTp3i6ix3qy/Hwssp/bJctM4Cetka QNJPOHwNdCLuGkSqItKJ =cvrZ -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability Advisory ID: cisco-sa-20160302-n3k Revision 1.0 For Public Release 2016 March 02 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco NX-OS Software running on Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches could allow an unauthenticated, remote attacker to log in to the device with the privileges of the root user with bash shell access. The vulnerability is due to a user account that has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by connecting to the affected system using this default account. The account can be used to authenticate remotely to the device via Telnet (or SSH on a specific release) and locally on the serial console. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVs+jba89gD3EAJB5AQIoHQ/+LSC7mpmjWMBE/s4V1OPhISFGL2TgDt0m zgjKfHucx8TErAzhu+QhJcimw5AJj+rpxmIdlzkXysrwNYyyplCmFgE3r6iYrPkw Li9NWOCDk6ZUhvP7vbEeO+JKbsGnLtTNX29yHBuz0ayUj55Tzhs7IyxNIdEy+pJR 7yc4IPObdURRGOYa/iygWhvIA7OSCqmB/8uRo77SKgTkQ9dkYaDRdDQBD5LbsoQp X5RvAO9AWQYUkAwbMYZ3z7rlGHYAc44Dr8qcLSZIKolKb8GHaKI4y/5SDyH01BKw EgFIi03C8aejKBswnoSNJWO50tVSfFO8jqAA7MfQWHKWKDG89fJvf88HPMyp89La C2oU84dLQNjhkzfm5nv4QrIHuPUMZvU5fLS4k20kxBIQE7ru9dyMeJvO72EzGtt6 Q0PdzResUky4JN/YQ6JuzF7LkFjMS1XiyWJ9OD98bveRV3gVuxCFVHxSWnjkTPTb aJ6mSVFY94YmenLAiTh9MpJBNb4/EcXJRFEFaU/u426hcCOJJSc0oDvGtV/5nfGt N8C3FtyFxmNyqOyWV8qeHM7uHlgPjFhZZz2sNNYiGkt9K+AO/iSPMWNPKlJ/Rp3b Ht3QF9l8fFzmEWbpxvXCbLYAqkdXeRdZ1Z4HgKrLFLIAwghXF7sMDIvfF0CZldib mdRjmE16XQ4= =b3li -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability Advisory ID: cisco-sa-20160302-wsa Revision 1.0 Published: 2016 March 2 16:00 GMT +- Summary === A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS request packet through the affected device. A successful exploit could allow an attacker to create a DoS condition, causing all requests traversing the WSA to be dropped. The condition is temporary and no manual intervention is required to restore functionality. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW1xjZAAoJEK89gD3EAJB5qt0QAOMm2cWsVxNKWQul+HYxzATd KI82WfeAgoBxDMXsC1GcpnAwPEbOQMNW2lz9fg/M5dNoEKQjnsHm2pXQIj8OlT8D AYw3PmLac/Hs0EWz9G7b6MeuyyHcKTlLRNtg+K/wnX4Z5sqXe/p3cBJixmFbJZjC mkRXpIZrt9XjLZDBi89PQPzIDkJ5oDB7S+oWR/H9QBYyy3d723Fb6tRwzNvKCpLx IoYLVM8xV9Q+xTSJcPCrbER8wPZDm163SwTxkRs2RpY5uVswQKwJuyOzNUnQbcvX 9syjzPWE9WK8LZcy0fnz2n55Te1pcjDWadoftu+ZuOCiQHsAdmhhjSOuUZdCON2Z oF0q0Hd5rN9mB6TG4zIUGAsrwNWAJ4XKeWxJVyhIsuBIlAzFsDGRIMurRy+N97xS ZbfQ2yD27Ktm2E8aO1yqAerPEi8KQWfrOdvSxKWnxB0b4SmK729DPBOMk77O1JB6 StGeVtS6yp/PazvRAG7VPqgwneAbkxDOJNcNT966hjUcmgJGiURtWkpWd3RTUFh8 vjC2ei8eM3jJ2novh6XcQmRh9Z9i5h6BYQkNqs3K5egM/H6G3N36Ksk+L/cdCOdG EF1iST+L6pX2H51mmMufGfJg/sZNBRF4LL3zGTDxat8RLpwISzypRxQwLemZYC20 GEO5+YGIotDsyPcoQ3HL =aqwj -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability Advisory ID: cisco-sa-20160302-netstack Revision 1.0 For Public Release 2016 March 02 16:00 UTC (GMT) +- Summary === A vulnerability in the TCP stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper processing of certain TCP packets in the closing sequence of a TCP session while the affected device is in a TIME_WAIT state. An attacker could exploit this vulnerability by sending a specific TCP packet to an affected device on a TCP session that is already in a TIME_WAIT state. An exploit could allow the attacker to cause a reload of the TCP stack on the affected device, resulting in a DoS condition. This vulnerability can be exploited using either IPv4 or IPv6 packets. The vulnerability can be triggered by a crafted sequence of TCP packets destined for TCP ports listening on the device. The packets may use the IPv4 or IPv6 unicast address of any interface configured on the device. This vulnerability can be triggered only by traffic destined to an affected device and cannot be exploited using traffic that transits an affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-netstack -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJW1u/uAAoJEK89gD3EAJB5UpMP/imOJREHxMUeWLAzLmILxX6J F/zHXfq6I86fbCiIeXGKIyoOqFes57X/62nqS13/4eIo0k1YIIfUnlsXcBu62goL JKnyEEJvBMPhOJcE0A1wumgrx/CG5saKpEGKJzgevPCMfw/vCLFNoJo9NoPlKpyx zBMAMiRdbrllX4kd/XPCtnkcrNU5BXUX8s9sSwuym7mr8U7QLBPDtxszQ1ctwLTs kXsdHpqDs1ZNhourNCeX6IEMIroWuxx3VWpefc5YB7WEk2xnDC885jL1R9SafPdn 1L7cYBrzGzn68yv0T1ztQX4sw++SkhNAq4rm7zFpXCxH0vxSvlLgSva/+GmVcooA k/NpCIcr6b86HtZ92Ag1sM4Z/IkL/T6uh9ujIrOu5QqJ1nhn4w9frDePI+dWckEI GgB+9uF9k12F45+4K050o+u1GYPDerwdOZ42ygKpE9gubsLyhVixkXEE37Pzx+94 h9B8nVVULkRuN1YFMWT3F9uvjeFdqJonRVI9H3g7gCuENbQ+r9A76O8Ct1xoYD+W s8gAP19/R20wz5Kd0zHP+qr8U8YFWbVEhpdC8p/2mVFa9TJ8Hji1D74R39v4h5hD Nbbx2NEOP6PeWqxABSvIIPy85VHlnR2Ob8jTo/+oXHYtXAnyiO2qacdSx506YaBO KS9zQgehAR+sKCXgvL2w =FC1r -END PGP SIGNATURE-
Cisco Security Advisory: Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability Advisory ID: cisco-sa-20160302-n5ksnmp Revision 1.0 For Public Release 2016 March 02 16:00 UTC (GMT) +- Summary === A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Nexus 5500 Platform Switches, Cisco Nexus 5600 Platform Switches, and Cisco Nexus 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP Protocol Data Units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device, which could cause the SNMP application on the device to restart. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVs+jWq89gD3EAJB5AQJDDxAAxdSHqJnWU8J8e4u7aN4xYyuAg3hvZp4J qrIpHMxuQW9kS9PBnzlvj2Z5zLhzxgzx5tJaiRmV9eMey/j4J1KIzPIi4eMa2w6o oFhN9Tla+ZuiqvTVuCF0swYEBRV6YHUXUoTEHuy9MMfmqJSu9L5bY/ESf0yLDDgT zyDp7BQ++v6FMjSf9VKDhuj1X3+dwHWqKZGaanTS+v7t1kfGz778vNGFhGB08L3c Ty3nL601bIfg2BDkFfPcd+BI3nG4RT85JmjA7fx+/xXuUw8GMfcUnwuw8Ym5R3l2 +9pW9Lx/PIh8lIRPTVS1Q6+TpBglBTfJV7IXZ+0nciCpa0VnQEhddwtk1fQ/cNHZ 0qYxIwbPHtPhT09V5JL82bn8xowhLGpdn+Kv/ZW1JOq5CYq5OYUOb6hu4DxpXggU wIVhpeQKxyaivYfjGMz5u8TD/LEVrq6vWSkt15SLXhZzSNyioRm5VrmPIRMwG7Xr fY4kcLNWku1m9zstiN1rwkBwFcJhvUn2Ny9Ug7UF/frE3CbSBiCJyCW8ucnKe5t6 lUsyJXT9kUYXT5oLTv62JTASuaRByer5svS+m7iDr2WXqumTgOQVYz648XHJ8k3n wMBpEFicSoEo+B7g12vQOHKB7FOsFpkyxvvOJ89X3ri8oDuzhPfUNhH3nq2EXlAt Vuy5i209RlQ= =zzHr -END PGP SIGNATURE-
Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016 Advisory ID: cisco-sa-20160218-glibc For Public Release: 2016 February 18 20:22 GMT Version 1.0: Interim +-- Summary === On February 16, 2016, a critical vulnerability in the GNU C library (glibc) was publicly disclosed. Multiple Cisco products incorporate a version of glibc that may be affected by the vulnerability. The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on the affected device. This advisory will be updated as additional information becomes available. Cisco will release software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWxjg5AAoJEK89gD3EAJB5r1AP+wegtm6SQ3Z5su37nWOB4xL6 clurqpKAlzPkoNgU2WjsFlFjfE5hpPnaURLaf/XhOfRKMw75ec+v7fWaH/feYa12 fAyT6hyF/GuI+V5V0Mxqpgs/dDHEqx4NWH6gk3G9SadhMu7FQ0TI8zTHPoYNDObE bTxq1Ia17t5u+8DeQ6PoPiI/2qWeS62YGeUWKeyJd0DEweKjsCBSNBPMWA0dAN5b 7epM+B5YSsES2arf/SfXFhLO91VsNwyG6gIohwPPMFdbX3mgJJaos43/q+mx3NKK 6qPPngcc+lWNM807YQZwkMahKKkTJaAJ6+5rRw7B3ZlVTXTVpSIDB1RqRMBqLNYw JJDgexiyMfKb/eGmyDerhtW4jBf8izbWZM+IdXAMVOM1EXxdjBr5JX62O1SWxUIY NOxMhvbIHNis5Pt0xXXbu9uJoL9FNFSGspm+axk15FHh0H3tfOdsHTOHwTUkMdrm O3FDQfOnCuhzYMCMsyBDkY/egEib+AosUcbnE3eeCAXR6yD7iFfmvfPQJN3Fe1nq FMSlc3ZMhadS8cGlYTIGPhW7W7b5rWPS/hwfsQ5XoSz5qbGpifUEgZyXHZQztK1P CERKhV6FWDsUu6V8QDuubTvTuRvPoM6qTw5OLCDWjmsB0L8hIER28SXXuRlW8gAN lokLKVjbAKx/T78+5jRG =1kCA -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability Advisory ID: cisco-sa-20160210-asa-ike Revision 1.0 For Public Release 2016 February 10 16:00 GMT (UTC) +- Summary === A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWu1piAAoJEK89gD3EAJB5VHwQAJFlULDMXTz/W6KDOa45GV0G 0lOKZdkEXwwV92SLztdQEXiEM/MgYYrn6/GIHJmTh0oOtZ9d4HT6RZzBjR72ycOf SSm7j/uvwFUXa6sEEm58oAHQQAp+4m6+wskbhS5VrOGxOGU93yx9nIqnms7ywvkc 2JaS9V8nm+nP32as/s4+Wh3GvxnSvP3TT8sOSiTYAwC7+DBlnyDgHKteHZtpOmqD EhippRYQHK9O4KWDC25MRdXwFGqRspi5SRl9m1pLecl3MBndDD4oNiNqhfR5oMlI LvaWOrbeKSSy1jK+GTvAPSAJPQ+f0WOdu7kW0bt92/+1Wt7cZ4RwCwpm0pxzgFDQ rU/043uYbwuDeWNo7X/CLGc9ykNiTaeMHi+fJRYONo1AWR5CcsnA3Fk60HgJw6IQ 2Yp1kP2P1R/+jLDP4APM1ZWzvVm1Y6doDE1pwhLYr0SQjSp0GwuPJmzr3bs18tVC gsBudxoPNFJu+8L7dPxr9jutIGXQwA/4zJqzAfUDmYkMQCqli0fNz9LU0RYQdN50 3BpnBjgsmLUMSXcctnP6vMnikNcaMdTOpgznScm3LYC79KbMAnwkTWBrSOSqCnky ZpWl5a3ndYcrJU6vcb2Ul4hGuT2D35RVwY51ADnRs6E0z8vK9tpyktAWDgG9iCuH XI3SmZ4K5rj/GJ14XEg3 =JlED -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Advisory ID: cisco-sa-20160203-apic Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT) +- Summary === A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated remote user to make configuration changes outside of their configured access privileges. The vulnerability is due to eligibility logic in the RBAC processing code. An authenticated user could exploit this vulnerability by sending specially crafted representational state transfer (REST) requests to the APIC. An exploit could allow the authenticated user to make configuration changes to the APIC beyond the configured privilege for their role. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVrCha689gD3EAJB5AQIpfhAAnB7qeHrfdjA/CSMgMk2VxNM9EkZrer2E wizm4VxJyrLXC3rxVwmhObSsfgIGEzgRAhQ9iqX9FNL34OVVs6FTmxij7XRfCuVR dIvNYQ/yT3e6siGQSKQjZ9K5GZ1bRHyCw9LyEqQwaWuWXg7/bCWM/FqluPngNn96 TRXSt1CM+ELV/tFSAUeu2jkHAyCLd9slwxmjh7Ti0LMVLeeQoUmXo81p08rRz1rV JpWA2tr4HO4/e4+3cJS3oe5kLGy7b7e7vUX4auxnnD5ZZEvGABs/IC4PGqo33U1g zQE1QrMBBxot5UcrHOnQEjfx9RJ8vEpw1GihemvLHcsCV0d4JWeS3FJzUnWXWOgT G5/KCao/8hsTiqu8bs2M2c4hhfP/41XHO1wkCeZEJKUS9oaPhv8uF2ly1dr3uW68 YgSY1AW7CqxqiiLktryFoCS29JWqNsYGGW43NCwWImaVyFkL6TekqjGIZYuTkpO9 fT0Q/qBD+D1NhNeesesS3KGLdQ5kFpvl936vf2coesTtlkX2L/ItJjLCGLX1jhw0 +Qk8R8GNqnj55GIjaXL64cUcDPpu90PE1K4IG533WhmrxKgZ+RzMT1I0zEwDX8et M7Z4mtlpv1owzvkIDjihUipAq8Hgj7qaNtB9sqNxlVSKxVFEI+JcWz/6DWGact7G 3ypCksBxTK0= =dg7F -END PGP SIGNATURE-
Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability Advisory ID: cisco-sa-20160203-prsm Revision: 1.0 For Public Release 2016 February 03 16:00 UTC (GMT) +- Summary === A vulnerability in the role-based access control of Cisco ASA-CX and Cisco Prime Security Manager (PRSM) could allow an authenticated, remote attacker to change the password of any user on the system. The vulnerability exists because the password change request is not fully qualified. An authenticated attacker with a user role other than Administrator could exploit this vulnerability by sending a specially crafted HTTP request to the Cisco PRSM. An exploit could allow the attacker to change the password of any user on the system, including users with the Administrator role. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-prsm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVrChQq89gD3EAJB5AQJu2A//cangLN7tBQmXdH9dVqxeGRG/Ui0TX5PM e7owNoX4Z579zbkVUCJ2D5pvwWHTkG+2LUvXKpcv+93K5/Gl4U8jMCDcndtOzKuD PV65FpVNEimFc07DdIFhQgdHEfOuLKvNxj3qwAlRha4d9cR/HCWLh4yEdMi/zbR+ IOyFntTZaf5jK0VzvihzoMIVGuoPmus+RdT2hmw4FivQu1xqAZ/28j3gJrV3PISK Icq4aloxGo3PhAR/LpQ27QAMypa9GiDCp/pkI7Isc+1w+uSV+vEulO5BSW9g/000 wXMCmZWh/1QoOh0ldhuEwlgVQo+BR2SfZeFagP4iFfHfaTYmUmCbUlgkI0jZv7XD 57QIG7LyYC1bDwud9Fg6lfmmKNhlfREA//AleZAFA9k+i8axRXwMAZ3XhCUPDAb9 A2KxldXfyGAXKqOcJctWKmqotgvFOVz4qQVM2Ay0YNsV0D2vyZONpaovW1qAVr5g zE8d0570+XqMZ+6ZnpeDCNRMI+xLH0WlA01+tgJgS6txhn/Y+7OTQHmSn35ddBnA ZYSy4REVX/2ZXsJ7LnoORj65MkwZiSCKilJtVMAk7AkdBaBAuGrHQdvT8MPgpfkl 0noBwidC3oS5aidyM0+HCrX/X1q9QZcTbgBWQ271Nq4Qg9nmakRA2eUIP7YFqNnU vf+cvrpb7+U= =XzN9 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability Advisory ID: cisco-sa-20160203-n9knci Revision 1.0 For Public Release 2016 February 3 16:00 UTC (GMT) +- Summary === A vulnerability in the ICMP implementation in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch could allow an unauthenticated, remote attacker to cause the switch to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of an ICMP packet with the IPv4 Type 7 option for record route. An attacker could exploit this vulnerability by sending an ICMP packet with the record route option to an interface on the affected switch. An exploit could allow the attacker to cause a DoS condition because the switch will reload each time the ICMP packet is received. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVqlFZa89gD3EAJB5AQIUJg//ft1XTFmFXhnNBfE5YpLhMSzgvtumqyuT Q6gO8y2E6ss4c013PNVDah7p+iSg6niYI47KOexd2Q05gEKOtQ0ohWk3zxH3I1nv pwL5YhhKpPOpckOt8ZbkUQuBbsxMyst0zb1Nw7MtOLUxqhZvID8nTQUkGJtIw5pz Z1/11YlmpMswF4+xUkdL7HuF4vsHFR5nLuepcAdJdsa8PKL4dQ+d3CIQzEOVU/K8 cUIN4JPRv6enlGzVfAgkSMLUmgd/lBXMI+IKVbrznAr1Abn0f3EkgPXyHTsQEuRA vQLRcNRGiIBDLbHGKlmHb0nN7XY+hIkHkKSLOwNgY4u7o3CxFxerqE/QEMh0+B1s HxVFVJVG2bJJNo9Y/MeaCHU5HoqKcm+sF7lcxOgR35chYapfZBn0G8j/6is32pQ6 U3+nIq7X5NVQDLeDPqohHNu/1mzstzkuQt4YlMB1wyjP8FY/mcCzFX17hxJEQRzb KeEGZ4/Yk2s11a6ZgTtA3JWtwe1WMyvgAE510SrPnygtfWXHc0SQQeZIt/8rHvGD Gy46LCD/xjVaCq3+DA/fFbUjRkgOO5YSQ+ZL1eGuAYk0vRmOxAFMcErnuLsxLPTx 9SnepLQ4g++7QuAjaZk2hrfcwYI1rxjULWq4I+WkdjwBOyl68Pkg6MljMvJwxkWA C+39AsHJFGs= =8cf3 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Wide Area Application Service CIFS Denial of Service Vulnerability Advisory ID: cisco-sa-20160127-waascifs Revision 1.0 For Public Release 2016 January 27 16:00 UTC (GMT) +- Summary === A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker to perform a resource consumption attack which, could result in a complete denial of service (DoS) condition. The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVqfRmq89gD3EAJB5AQJDDxAAn8gJTfbn8TEzTYDMNETTOy3xObGLUA6f 70wnslFvQz4hgV4J9Op6PC54PtEyuu9DE2w2cS2QfOGmIUN1zH1+/C7HSRCaS5xc nYftgXwI/aW4bay9mUDi5ONiz/6akZrSQ9uJhsTvs+UWe0UmMy1UTeOUj738P8g4 pwjaMgSWoxp5uyHGfGg3fs5ZUIajb/VbpMMV55p3J267W/Hbq6JPOp7VkZ6IAF6p q47BjgWzPLtTOTzlEce5U/QRrHD3nSCMp3o6jZEupJV+oX6UlrjFIEz/rYunlFDp wzOsvl3qgzK4Nk9x3obmBbVCbYqJoRgEC8RBOHAFfs8cOrT3tKSTYhGdnfxt2+Nw NbEV/6QoMDb6fQA45hTbL5wQxm4ZRkghMhynnfK4mZF6be/vySa5rywAOrTXmeqf h2P7QxxcH2AW64nx8EN2sPnKQNVckwp6aOtAYAKsZGU3ig5OCNu6BzggVyvSrFHw oD5UffKaWcmsKq7c+y3G8eyNep0wlmjZsai/TlrpKPMWyr5Tu/xD0SavJJXtu/o8 B+BF8xG8Fft60gE1hD6aWCYOna0MGYx6ElFIBxnOs69f7DREpvuEFunyUsrV0kL4 5+Zh1pL+G2thymron/FLZl98itQInoHhXCFlkjg3fz5CL/rZbeEkXNXDbK/Dh8ii dc5T22b+OmA= =76fK -END PGP SIGNATURE-
Cisco Security Advisory: Cisco RV220 Management Authentication Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco RV220W Management Authentication Bypass Vulnerability Advisory ID: cisco-sa-20160127-rv220 Revision 1.0 For Public Release 2016 January 27 16:00 UTC (GMT) +- Summary === A vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices could allow an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on a targeted device. The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device. Depending on whether remote management is configured for the device, the management interface may use the SQL code in the HTTP request header to determine user privileges for the device. A successful exploit could allow the attacker to bypass authentication on the management interface and gain administrative privileges on the device. Cisco released a firmware update that addresses this vulnerability. There are workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVqPM/a89gD3EAJB5AQLRORAAo2rDBwCQ49OQ7ugG/2KR4MznYv+P4qES y29aQLY4KuF6y7ksXTb9Qhf6YH6v/bSbXHKi0PR1PKo6VomsIriOIg08D+HdUGWy gVdozmb5Xx86S9W75Hx+cxibwBcq+D6b3c0jvQ+dIVLrEF1QQI5qD4s6f+U54opa ft+FlTtloy1Cma8u1t12NPN6OvM1IANe04yNhx397J1rODQHgYLXHOHvFKMFWG69 I1CQ8/ap/46S1+GvFnnkVPmyag+UIcOvpDM5Rnzu4hgt+arvq8TQg5+f19MMaf7q smJDi+qfHOazRkwsIOhJvNdzKEracDnCIAi0yY1cO1tk88EhFGuq3mhb14TVOd4Y IKnw/h9dLg4WbbTGh+CZeoMa+ndAIZvaQS9E6q2PEgyLGV8D7xOySySw9Nk8QkuA 36Q4YNH1vvrisoChja6j1MGNN9coYB+YvOi7EOu83fY0vtzRJyvQx/NzEcx1aopT arGUe/GgPYmwDcgtmPxLT7OKj3rCN5uxtsyqeSlCWvWnbysT7kpj6pRLmc25dDGJ VoOFR9zPUeIg/PHYqe7LQsrRJ23gDwUtugsr46JeMwss0b96sALR0em316dLD8au +j2y+wvoeM/jLbUX6FtW2xCfgIS9LG49mPnrWtjOpEr/1dXC+UcQxJvS0z47dDE3 MNdth5+/sb8= =x+Kt -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability Advisory ID: cisco-sa-20160120-d9036 Revision 1.0 For Public Release 2016 January 20 16:00 UTC (GMT) +--- Summary === A vulnerability in Cisco Modular Encoding Platform D9036 Software could allow an unauthenticated, remote attacker to log in to the system shell with the privileges of the root user. The vulnerability occurs because the root user has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. Successful exploitation could allow the attacker to access the system with the privileges of the root user. In addition to the root user, the guest user account also has a default and static password. The guest account is created at installation and cannot be changed or deleted without impacting the functionality of the system. However, this account has limited privileges on the system. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036 -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWn6TYAAoJEIpI1I6i1Mx3xJUQAJOZjxsn7/qkGQWpKAFQJhLY E559YBm4mCUezDZw+p3hUGQFSpN2exZNIfEnslvllqY97WETvyh/z9Z/6odJuzYo Qu+C7iSnHmY4tg/zbKxao2nzI0Ny2xbHL6klTVB1MuwMMI/4pTJAdQdavwy8+AXc kwP3Pc/2Hp3ANc/BbQcIHvGn9z3cgJXNtEyuAkjOwQX2xxExp0LNGmJn/nV1HwHk tUO9WKMDHjtSj/kyYONUvvtAQJTsz7F51X2T4Ar0bfo/gopuUZu/ZPJqxxKTQs/b CceEVCTlxXSuX8hKQoDUaCgIYOrdBuKfjD8kxRojXz8oejHDgC90srCVLUrGhLZm /tOCPHyxOYfnvDwMOczm6VH29mPtl+EX453aAgGBl6wj7gMK8hS6gbzp3T3HZ2ai laQOhmbyjVHVizjkrVXceb1F5g+t+gRUE7EBPtICQ6jyhyg3jfTdIQvHjXDp/kCo X83A+RHvcExvH+w8o/5g3U0UwB5j25SYxIbIux0hMtQb+FNZSluGW5kS1c0+oNld I5sVlS46hJRV+wEpPg39blSgvZgDNbkFEpCZKa7rr7O7Y1QuCLVnG2dd012KvNXn f73QcNybP/pzOl5ckZKnun8S7KvVG/gDxGXremCuOrogc1fPjR05ILxAbLiEV5SX /vx5fHKOyWOAllpcOoiz =tkHe -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability Advisory ID: cisco-sa-20160120-ucsm Revision: 1.0 For Public Release 2016 January 20 16:00 UTC (GMT) +- Summary === A vulnerability in a CGI script in the Cisco UCS Manager and the Cisco Firepower 9000 Series appliance could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco Unified Computing System (UCS) Manager or the Cisco Firepower 9000 Series appliance. The vulnerability is due to unprotecting calling of shell commands in the CGI script. An attacker could exploit this vulnerability by sending a crafted HTTP request to the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. An exploit could allow the attacker to execute arbitrary commands on the Cisco UCS Manager or the Cisco Firepower 9000 Series appliance. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVp8uUopI1I6i1Mx3AQIr8w/+JN29RVgC7M7Wlxa+YCpCNMFDdg5iiGL1 ddNXZOZqZMDKjO9K3GAWVzn3ifjvWYgXaCdd0Xwmb+xkwkmcL+eY9TRInZBJVRZr vhSDBARQLfVec681LN3bPGn5VQKyIVRkOtRv/7YfHjfMDlhRbOircBYlIcnxLhF9 FDkhEKi3nRUrPY4Nj4SXY0F4MJKg/yo3E1rF9j1J6n3w96i8trIRtjX8DTh3QeFU or2cshiZi91dnzhKzXj+pv6nFho+7HDx6MaUPa27Txj+kgfhc1xfQFrV0jq1ppRs r+8clONY02XuiN4I1k0kzTLwJfyFcvDx+u18MjufS3XHStPH8FDe9BEQsSWZZ/wN ScYiHE517uf74YOrGGpHddlSHo722HcGW7hR5W7TdBpKYluRj0CsoU7wDnQzEfs9 uQFHUInQqwD+xIPxbVDv+Ls3XOwy0LKtRfEHoWiedXhrii7/f+jV2ksiCs95qtPq xcMLwpIeZy/URCNbcJBxhKAhonTl8IZSRhKl3QCKMQwNkDJroaJ/iR7IMulykswC esj1aHGC3VZ3G97Wtq0XzPmAlN595jCXNfxKatFeqoUvy18QT+7eSJuVpPwWISXs NB9ZAtzgI7YFOffrRpLlpK55wlfp77kUzgY8r1Amrm83m98ZL5mNDlFQsUFb+KRY 6Ratj6LpeVc= =XyBj -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160113-ise Revision: 1.0 For Public Release 2016 January 13 16:00 GMT +- Summary +== A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit this vulnerability. A successful exploit may result in a complete compromise of the affected device. Customers are advised to apply a patch or upgrade to a version of Cisco ISE software that resolves this vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWlny2AAoJEIpI1I6i1Mx3eEcQAIRqkvk1kK4y5bDKzv0T5Gqu kBIqY0e4nyGdj6p3K7+o4TEv388pGrlwlPT9TUnyvreHJ/MQ2h+5q+ekowYrDUEB mapfb8gU3x28NXKZJQNK2m6SEKroTFT/vhzalMUZNJz8XLHYR+10XC4T7TXfHs77 qAj1BC3NaKMzUO3kVxvG65qgo5i9sdD4yBPmPvVzk4s4WPh2yhc7eFO/qeoayIyV EXpI6YaegO5mArV9qhqTpz+/uoaDhQ7FP+ZaNuV0qylcgkZAjFS7sw6PtfLKiUMH BUGccr4FI8nGB5DR3xZhOWbXpWrcOUSzkpjwC1Ip1zkK8ievBXgG3EiZbmbEZgVN R3XXy4c1gTE+WiDEGBAeeU++HPr3R8/ZYsKueam6cmRXziLQj2o1L3nTu6XCdqI2 Qi4RcgC3pHJwjVSjM7NJcdGUmEabmvf5v0Hm8lXSyklHcNHXi3oAZgJJ4fQAeuIY MiwJvZCiZ8rlf8V6n1RWa6z5KPiHNxhyAMWdCi5ObkjIHx/Bc9SchvGO8EvLY30e 5CJcIqmNmbs0O+WrdZPdpcz+yHHK2j5l0M/Zs8+h4+jJdiINeV/KpKQkfv+Y0wsg MiBk88gLpyCWXPHcpSx4pObmuMj/uAJs/J1e+LMhc6WDQ9hjUV6Gu5jgDdc9arPD VFOybhYGwVeOBSRVwndo =HUXg -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Wireless LAN Controller Unauthorized Access Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Cisco Wireless LAN Controller Unauthorized Access Vulnerability Advisory ID: cisco-sa-20160113-wlc Revision: 1.0 For Public Release 2016 January 13 16:00 GMT +- Summary +== Devices running Cisco Wireless LAN Controller (WLC) software versions 7.6.120.0 or later, 8.0 or later, or 8.1 or later contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to modify the configuration of the device. An attacker who can connect to an affected device could exploit this vulnerability. A successful exploit may compromise the device completely. Customers are advised to upgrade to a version of Cisco WLC software that addresses this vulnerability. There are no workarounds that address this vulnerability. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-wlc -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWlnyxAAoJEIpI1I6i1Mx35zgQALeiHWpOREIv4toqLN48hfLt mMMPAIeD7z1BNEvGkJagFoK1Uh8qoEl5sKbcT7/ZEh5eLktM+uVfRQLe0YQC+Pax WNSeItZqfz4uQbJd87UtljCogWLP9Qdw4t40NrAUMHthd0IQ8WQu2Y6CNi9Y8KCU E4X/mdT+oPHuUg8NNJrWgV0T0fYS8iNJmKekaU7jaH0XY0WRf7H1l6qQWw5MzshR 4F7o4nzvMQbDRV41kM0ARGyS/Z1VD6qSWGO0vN6cK2bg1YeTihxuWFyTxzcNbWkT xpEkiSDQOl9UgJsVRtUhLj2Ak1/qJLmZPhXE6O7dDzPAMtY+I7emEbL3vACg4O7T iEHhDSrD+IPqiOZlbrPQS40xTIppPGMI1N2tx18D8AlvJZKQehVbDnwW+XpWxGKa Z/X7ADPmhiSKiK1Cbje2EacXpVf6WspvlSi5XKOCHWQFOufDm3idxLCkA2mkju0P W6iU4vD0QhHlmfnvF4ilABGwfbqYCyllqGFVmkY+pNs8+JOBkN91aWPW0tGYrkPO v2WhYUJvKrlcatUenIP+ZnGtC0UiI7I2d1pq9Ec8Kq0k2fGoQ+DNDtBxqflmW8jU 8zTKkBIn7qa8GR08XNLdwcs5MVZ2VhRD0ad8B95OpqCPz/3f+p/9F5goo7IWJQL6 nrl9vr+8uOyun5kxJEes =51Lm -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability Advisory ID: cisco-sa-20160113-aironet Revision 1.0 For Public Release 2016 January 13 16:00 UTC (GMT) +- Summary === A vulnerability in the IP ingress packet handler of Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to cause a complete denial of service (DoS) condition. The vulnerability is due to improper input validation of IP packet headers. An attacker could exploit this vulnerability by sending a crafted IP packet to an affected device. An successful exploit could allow the attacker to cause the device to reload unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-aironet -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVosVKYpI1I6i1Mx3AQLKrBAAwa5s+vBxe9L2Pf4SnfY8PGQWAJmbVf+p V21gGG5NX5A9F9L6SVhRSyyRYAJjtvuY5H0hxkL9HCN6UT+31vI+unQdUinDXWZL HbV4siEiwFA0XhdY+i5O8GE7jxdZjXROH5m9z4n0v2s4e2YDSUGYcb3UmtmXuWgn iirpBBpWIM8cEELZ6YXhPGpG6xKCDyrYOndj7jN5orJNpBvnSKe82vYBYqiljL4d A4iiMTfqAybFnf9V4sha7/vXFnCqihpAm7Hy1RiVdlIRclhqEsFPMkmPTdJ+3rkV 5VPmGJmNQQBFtm4bOstSETCAIeu/NFd+xCo2/pOvPHctUEv3b+qDplyeXK7EmZ4I 9L58U8j+7mc9LDzyx4naOzmFh1N0PIeSsgFXL7BXby+UyBmHeaNOdTc0gzwb5Nqn CTgA93jmgcs9EEXe6wFLMZ0Hd8EGMUcCTELIh4Vt71TdKo4hCvaablyCpNIuDb6m aA+V1/Vg1SpOndjuj1r2YAHNoXo3dNNj1TBYEl8MosRGOSJNMUdjjsghyKNbFCCJ 980xcN9R70LEMhhiJszfKXEPa/yknlIN12FN2eT84inGW19R/hRyMCPv8FQfeTwk aTWI4M0Qo+hQTwCiFCJpOgN7VTvd5D1K9f/bQrW9+5zXVz73OM0gaRK/lZHpd4za RNHmaSb075s= =lY3/ -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Aironet 1800 Series Access Point Default Static Account Credentials Vulnerability Advisory ID: cisco-sa-20160113-air Revision 1.0 For Public Release 2016 January 13 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to log in to the device by using a default account that has a static password. By default, the account does not have full administrative privileges. The vulnerability is due to the presence of a default user account that is created when the device is installed. An attacker could exploit this vulnerability by logging in to the device by using the default account, which could allow the attacker to gain unauthorized access to the device. Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-air -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVosVAIpI1I6i1Mx3AQJCpRAAtWYXszbCReZekmWZIvb18lJvLmVqpNq+ KuUMPyowV1rWAmPuL6e3vzLysyigA1wL8VGes0Y9xwjQH7RC0SOxBll9A/WtcBsr JQjDn8VwvDBU0Z7GjrRKnjqYOY8M6l6f8OKn6zAYLUmyhpnpR95s9srXyjzgXz5A jfyLvUZhD+/RAnQlvqvBPbIVBUAXAWjFBWdjIR39u+6yRPhiYEobMNM8DmafRiVc H3nenqqBmKl8JJwZsGAneLIErMmfVHpTefqkgIX8Y9yBqMLbfH843QRzs5RpGPD9 5RmVCdi1UP6yeQV2kHUacMXXu/GlYfWEZUVvgRmtONdO00nQ532zhpPtxJ3w0UpF 9Z8qnjKwZN9BIySeatZ+Lvq6MQtbGEwZ9lxlv8NXDy29aInn1/MLE20fZwPkfKZF xZ4uvDPP0b0KII8kO/ALso/evE0Pv/wv+hblevEYBfb+T3dt6f9e0qHS7OTYTccr XUEllOsMFRAAabtgO1XIuh38q+Waf2hB8EWYagS0HT9KAOsd0pR86X9iz/BbpnvC TtDVlIxSJ/RQBYCbfkKbOdLEUvkb3vvJvSFu7J2qoRBXmP1Bu+ubovKrZpBOaSr1 jDT8xDU326MP2uAxAF8lVXD7lDJ6jK4NUM1KN3maW3LYqNT2fBEHX1VCvZHGNm4n eDaroWHF4MU= =WE2t -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability Advisory ID: cisco-sa-20151209-pca Revision 1.0 For Public Release 2015 December 9 16:00 UTC (GMT) +- Summary === A vulnerability in Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to log in to the system shell with the default cmuser user account and access the shell with a limited set of permissions. The vulnerability is due to an undocumented account that has a default and static password. This account is created during installation and cannot be changed or deleted without impacting the functionality of the system. The first time this account is used the system will request that the user change the default password. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH by using the undocumented account. Successful exploitation could allow the attacker to access the system with the privileges of the cmuser user. This vulnerability allows the attacker to: access some sensitive data, such as the password file, system logs, and Cisco PCA database information; modify some data; run some internal executables; and potentially make the system unstable or inaccessible. Cisco has released software updates that address this vulnerability. Workarounds are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-pca -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWaCspAAoJEIpI1I6i1Mx3z2MP/381uF5+mIQ0mw/T3wLa3BIF q+N8NG6ZlIZuQS8gtKwI9Ywl2K1GKgyyPdugsZ4lLli0Trp2tX7V8VoifX2vFGD4 nHk7/vEAVCQ8p3SZtO13ObgHOYVfAYjtm2ijSxEZYbcsM21zMnV9551edr1XCgNp MbIoUnhWzepO3ps6neirtN5ye7np7iPXiGrH98tAW6OxCZ16VOEp6tQPEzyXTHRz 8cS466q/xiltGiknANP/R4IY1L7vVAF8+mksJaFpjXsr6jBHhDFBCic1kPkJSUno SWfDz8vCu9DfzraaR4/x9madU5qcZRElpJUPsH0LKFAdGTSD80OiYpHbK9HcdoWI KafzzlNnA5iocE4I3vrxEG/hCwwbjj47XMY7mlVW46MJeopzoA71t7jF9KFpyJJs xsz9rORMXcswU46ZC+rwDiUTBBpreOJJCe8WCLzhepn1LRrJyvmTSQqzHTcpK2xA JNos6kMSU1xWIJe2J/7hqKU5VbPXGHuARI4wpatzGsSFLS9THCxrcBj43Gfd8zo/ PLR4ipJVenbBRQjEpxPTGDUltkMrdmB84iN8mB2IcfkrUXfMR6hRZijhRwcq2cVu iByoDe9Zn5H5pYbSMUXM2cNVGf+AuNYFB/CUoULC5JrKMq+1JUt4lsyL1NIC5JeR HfD0Xf/4bKhC8z2kBLAe =O1HB -END PGP SIGNATURE-
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products Advisory ID: cisco-sa-20151209-java-deserialization Revision 1.0 For Public Release: 2015 December 9 16:00 GMT +- Summary === A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by submitting crafted input to an application on a targeted system that uses the ACC library. After the vulnerable library on the affected system deserializes the content, the attacker could execute arbitrary code on the system, which could be used to conduct further attacks. On November 6, 2015, Foxglove Security Group published information about a remote code execution vulnerability that affects multiple releases of the ACC library. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. This is a remotely exploitable vulnerability that allows an attacker to inject any malicious code or execute any commands that exist on the server. A wide range of potential impacts includes allowing the attacker to obtain sensitive information. Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. This vulnerability occurs in Java object serialization for network transport and object deserialization on the receiving side. Many applications accept serialized objects from the network without performing input validation checks before deserializing it. Crafted serialized objects can therefore lead to execution of arbitrary attacker code. Although the problem itself is in the serialization and deserialization functionality of the Java programming language, the ACC library is known to be affected by this vulnerability. Any application or application framework could be vulnerable if it uses the ACC library and deserializes arbitrary, user-supplied Java serialized data. Additional details about the vulnerability are available at the following links: Official Vulnerability Note from CERT: http://www.kb.cert.org/vuls/id/576313 Foxglove Security: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Apache Commons Statement: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Oracle Security Alert: https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852 Cisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc 3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj u/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9 ue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY aeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89 2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu DT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/ YfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7 UBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME 7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU M0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS g9ZP7zYVhaDCRufDoNVI =nsL1 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability Advisory ID: cisco-sa-20151104-aos Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections. The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted TCP packets to the affected system. Note: A full device reload is needed to recover the system to an operational state. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWOhO3AAoJEIpI1I6i1Mx35gEP/ApOJvVZ6wEgWYYdBEAfPXwu tvZeIqc24MN6OunHtGHgVpiRAINAz6uecaupVTFeOcowJERky2xUTkSfItfM6WiO 85wga7OyA5n+JPw/WNDiMGi05DmqYa3Ut/IAQbn5rFxU61rLlgOBOe+YoaDFBwCJ /d3FLr70/tyqkGTgXCNWUh/Ukb+1k4UMqaJo+rWT1nM93r2ImD0RVJe+NYIb0JhL acXXbPQMqIgtXszi1Hvq8j22OdBZqPTrfiStvJ3vk2uVQlcsXom4uPhk+RmOQZ6l 3+gmV1tZvA4fXqjM3gnMnMlej51VRR4rRsGNuwr4sp9diHONyTnqFHHCGUA/ehei l8fARGSsEd2S4PjnQiMmdPtgYaGCpJRMOIunN0fYCjzxqdwPsLeqzhELbTq8HiFy jTL+RWnaPQUgnfh0LIJ58J6DrzTvWQdHbLtfaJFR4ZSUH9M9xF6oqAJIIb4hxJfv wT0TOQDqijeRc3sTtQGa3Xwhuk7tds86ZYENf+T4YLpnqHtUDV+cIFC7zussWsp4 K60rCM1ek4/s3Vd+t9Muq1F5iTxhUSkpxB5QwwbC2I5BjLkTQweqX+lpu3RVumht 1is3TvabnA6FkUUSJTJRQ040FE+W1GbXGDuX3ba1gPlHGETifC6UXirLaKJce3lj RSEUihVYR0uVFt4EtSoh =VX2W -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Range Request Denial of Service Vulnerability Advisory ID: cisco-sa-20151104-wsa2 Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The vulnerability is due to a failure to free memory when a file range is requested through the Cisco WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the WSA. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVjU+hopI1I6i1Mx3AQJRcg/+NIdwN6LOVr8XeSlK2mFK1ixg1ZbsyKeO TCmiSNBpsGf0wHxPWY9qewUHMSkhxZaVvu7szc24EcA5bWbjuexc0scxRFLuU7Nm LyDjmwRmKr/HVUvXg4wYnWT8y3VtijqVSTZSBnjskZGh4LO/095hZblYEas55Jzk QfHuTH554H7IB6zYOoZdbEOCC0CNzl9AyGAuJAmrZ/udlaQs18nurJR9OSayAltM 7sTxH6SIqFyEy2/+8yqpvUEqMNocYqrEasLjbxR0o73vdlJ9wcOKtyPUpcEioRN3 7BqnYiqPurnBZt+CkBbu5ehgq+0wYdFyJfWyrzeNE9LRMD0SyJTrAu68Pvd0e6AS 0TlpCbiSdOrtLm7vl6v+pF6R3sg+Ve7I2v4w7GXjlZapdRN+vEJoObOk2KGot9kV j3BKVy2RFwLgM+HJEvOCYNobQorb7+E72BkkBauBli8BE6pXI6mjvAxpADrYvv5r fxL2enMX0MNtdUKxgV/t8QvAFiFxMf8bV3kfuqRUul+V/MPQF3nbubtebMQruDT+ 3HhyoxwE1xV9HjEWOgrxpEwW/p4nxalF7RTbywbxllaHsMH8hhJYlyFmKL7jkRL8 VS8Oj6PX0P4MJX5TpCsMk8k0pjLYpnGsH+Jbl+CgkLA59DPeerBDhoBH45FbsCMn 80LINw5zqH8= =TsjI -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Mobility Services Engine Static Credential Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Mobility Services Engine Static Credential Vulnerability Advisory ID: cisco-sa-20151104-mse-cred Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the Cisco Mobility Services Engine (MSE) could allow an unauthenticated, remote attacker to log in to the MSE with the default oracle account. This account does not have full administrator privileges. The vulnerability is due to a user account that has a default and static password. This account is created at installation and cannot be changed or deleted without impacting the functionality of the system. An attacker could exploit this vulnerability by remotely connecting to the affected system via SSH using this account. A successful exploit could allow the attacker to log in to the MSE using the default oracle account. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-mse-cred -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVjU/CIpI1I6i1Mx3AQKNjg/9GI0PcbZpae1heXAxTQRq4eKBKlzxIECj gJeC8r8CPUtFnjzxRWx7JmcqWXCD9Yo1/XEOmD+O3bmfc6xg3Ek0XTT08YS5vIi0 hyLW3m1imMElicStf8qB8g0fvGKJksgxnkkwi0gSxTnW9KKfolgNjLFmdjYe7FSs 4JgyqhxMwO46GNXwX6yJL3MfRVCyShQfsQoTKT+x3g+geXdcVcETiSCChZmmqIXJ rUeVpBQf1uGjteuOWUW2DDnztcFSBVt/1t9v5BakgX6sX/pEU6W87NQgq5Gn+1Ur v0XTO1FC9MmXe5E7JFBT8bq6EhQ8ZtqNSh+hjiqx8pMiMUaMB2igPmMknCsVybKI 7y9A4i5+J6TkG96KEtXqbNOer1rejjS3j83Io1yfJe3tUbr/a3t+Mu5pywJEt83N esyDSV6M9FCK9dlhugvoTvw6g9vsmRBwr9gLDhzWbRojMdfIX3DIawgrbmWYLZi4 Zh8y4aADE7jXlVV2viJrSeGVnCYJus5ZBZfWUcnXK8DDVmc1811HOoZ9NBYz10NV KU77Xd4ABMGxTpzhGRMmZ3BS0pPSCcOtXFID4HBZikRzNd5o0nESnCw/XJN2AbF+ 28jvo2LkVc3K/QJLOivLqAa3E4kK5MM0RzIqQnlt5LHAVZXuvH4Ozjfn1Aev1AFp cs6ZocWGsjg= =QO9M -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability Advisory ID: cisco-sa-20150612-esa Revision 2.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the anti-spam scanner of Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the anti-spam functionality of the ESA. The vulnerability is due to improper error handling of a malformed packet in the anti-spam scanner. An attacker could exploit this vulnerability by sending a crafted DNS Sender Policy Framework (SPF) text record. A successful exploit could allow the attacker to bypass the anti-spam scanner and generate a malformed packet alert. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-esa -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVjU+oopI1I6i1Mx3AQLVCg//Q0pNhiu6HbIEHoGVyFAdX0Z1RkbAYrd1 iMReAuei8euJHGVKeWULxT9+uhiobGdkZC0+ZosxvD8vs1cf4o9OqCHZKjfh6OZy haX+mbTez0jnokVEX43UMH9L6Mn9eeJiQY47YUZ1QCBMeRmu5gIfoXSqB4qagItP 9mLmxuetHLDlVLalBYEA3jKDIIs+33fyfCWFOMQI6r5tki1UsGO0F7Xz9JYYdUmo pwq4/gSijrcxbnH8vRmLdwlUgdVk2eje+KE/9+66XN/iW1pqBDKiFjTJvTv7FILr HlPXyftBdgZi5YQTTNXIhEaXfdoaW94TcBlgsr9ZTO15hyZ5fLBarcDpHStu2GPg SKjDRqkftOz36ixXh5LhGhCmVpg2lER1dIrh51Ad0cHPB7AyEChpe1hD6G/TUv5n GWC+BmkX68jCXvVqYpRp3cz/le+2/Q/qKGtvbPDF+kAeq14OyUZW4ruShUzUX8CW iiKIcImPSDuOSs2YeA31JBGsFmf8zZvjYaGQYSMH0AgTiJzAb2C68hz/gOKZoSIp dSC8H0v76xJR75bq1hkB6KpRWusJ4vRLkIuS+G4Dvu8hyukrgwhWeWQVSPjXhu2e qu3xWWDGj7rr3nRjnoQK7MrJ17iNYjDrLe538xP9P7KF6iUwDABHk6RmrIOe2Q7O dDowAhTGRu0= =Sq1c -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability Advisory ID: cisco-sa-20151104-wsa Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the certificate generation process in the admin web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system with root-level privileges. The vulnerability is due to the improper validation of parameters passed to the affected system scripts. An attacker could exploit this vulnerability by passing arbitrary commands as arguments to the affected fields of the web interface. An exploit could allow the attacker to run arbitrary commands on the underlying system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa -BEGIN PGP SIGNATURE- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWOibcAAoJEIpI1I6i1Mx3ANEQAJ+ba8TyxsQ3Krkk3LQG5cEv HcM6gkBD5ZIN/mN114oCxEj09ja8I1uVQeEZ48QpJwsd2lK+6kShhk9dEf1pU+AF O6jQSB5K70pBu0OQiR+cjx6UL4n8rjXFg43A+x96LVf3urnsE2yLO6rwelo5RedZ /9buyqZ0tSlNlShjswtJGWDJb7fXnY8wKYdwdKrc3b/tcmpU9Ae/kCrH5p5lhmE5 QuS2lBDkp5kKR06TWO0dKjoSYXspS/HU8y/ol6Pebb6UdogYeMZCLC5JsbSKzQ3i mwBjLjt6ZA31Q+ML3FTkyv2KgNfFMi3t7tYCu+QPuFKJ2zd29Cbh7FLP+BdYg18P u3g5AdEZWLjBa1Crlo3NhTvH2qS4ZJ8wTMlLg3gk0W0eUnP/PRYFIOmUyP2gv4aU nrigoC/I67jZMnpLcZ1NPHAePdOPzK3YWxbAmCG/2tW2kJfRGAXnRPK/BqhhagVv 2RirzYFK5aYo7nVzXHiSqThtHuSpDnJZeYsVJwRYgHnhCsTwQYxCrLtEU/kF/btg F95Rm2Se3s+R39LK8G8msT4uJq8B1CCe+rnldgV8DR4S+49mZoI59uw240VIed+W JwLwmSPR0njrI+e+DboUaOOyrwrCjzYPe4EVMpTLmkVK6JgEXno/8q0zmwjnHRKv 0MgACGiN3EjEK/Mnq/aH =zUS3 -END PGP SIGNATURE-
Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability Advisory ID: cisco-sa-20151104-wsa1 Revision 1.0 For Public Release 2015 November 4 16:00 UTC (GMT) +- Summary === A vulnerability in the proxy cache functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the device runs out of system memory. The vulnerability is due to improper memory operations by the affected software. The software fails to free a memory object when it retrieves data from the proxy server cache to terminate a TCP connection. An attacker could exploit this vulnerability by opening many proxy connections through the WSA. An exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is leaked. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVjU+cYpI1I6i1Mx3AQI+ww//RagxLWcIsbnUqMk4yZ0BZmSMjcpNqgUp CLz5cIhCX3P4/6kK0mc1ad3o6LtqFeMCc0cooj6p83+CfeatAfdg8A65HrJ8Pp8S 5JimnhoAtMkAQUrUJJ0ch/mB4TMMhAGHSNnfBoleDhzn2Cc6uvk9MMNds5ERwU0z HHRq+kpVSzawf9LJpWpauf1RulXxH5KgsuQ7eeSqCdRGPGrH5Eg3FyA4O0DrACf4 FlgTvjz2qcXiwneQtOZ/eTD7N18YNgh3c/IqIwjWTDTJCUmEXRNfgDjZFP0aDv9f 6qhDJh2D18Fdh+EA+Y0iVUXP6r7HJrASM2qAqqJPSoawheyCZx48+gi5+QB/p7Ds M2MR6EgblF8DQcZHByMF7k8HCCMZEZu8PIqOwLQfI4v40qTTsKP4g4+IngdaGZ7h dFkM+93cpk+GbZIc7ATaePxnzA9l6T77eSYnfxIxHPHSZShU43W4W+mubyZyjeEz dwUPWv9Dm9uvZjH375aBmVFzxcdttXPSHq7iatpguEeojUGOl2kFRU4FYdPLx54b B4AMxlkwq73vhCEgoHjQ+pLMo3ep9tMjegfs0TlRwCi3lh8fBCzUojdMSJaQS8+V 8ipBwfieLRKHIDH8cV6y1FFKMmKc5tvb5yvXJnbXO+kltDhC9SpjKtqFkY7P7gV4 EpOZS1OWeE8= =jTdT -END PGP SIGNATURE-