jetlib.sec » Tags » cisco-security

Feeds

133351 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

393 items tagged "cisco security"

Related tags: vulnerabilities [+], asa [+], denial [+], code execution [+], cisco wireless [+], system [+], srp [+], multiple [+], cisco small [+], cisco show [+], cisco catalyst 6500 [+], Software [+], wlc [+], translation [+], nat [+], lan controller [+], ipv [+], ip version 4 [+], cisco nexus [+], cisco network [+], cisco callmanager [+], c series [+], attacker [+], aggregation services [+], account [+], cisco ios [+], video [+], smart [+], security appliances [+], network address translation [+], fwsm [+], cucm [+], ciscoworks [+], cisco ios device [+], cisco devices [+], appliances [+], web [+], unity connection [+], ssh [+], security response [+], routers [+], response [+], phone [+], media [+], lan management solution [+], ios software [+], interface processor [+], experience engine [+], digital [+], default [+], cisco webex [+], cisco unity connection [+], cisco telepresence video [+], cisco rvs [+], cisco ip [+], cisco content [+], cisco cius [+], cisco asr [+], cisco anyconnect [+], business [+], apache [+], adaptive security [+], zbfw [+], web server user [+], web server engine [+], web server component [+], web interface [+], vulnerability exploitation [+], user [+], udp port numbers [+], udp [+], uccx [+], train customers [+], telepresence system [+], ssh login [+], sip [+], service advertisement [+], secure [+], sami [+], router [+], root [+], registrar software [+], protocol sip [+], program execution [+], product [+], privilege [+], port [+], platform configuration [+], patch [+], password [+], nx os [+], nexus [+], ncnipc [+], n wireless  [+], n gigabit [+], mxe [+], microsoft activex technology [+], memory exhaustion [+], management [+], mace [+], ise [+], ip phones [+], intrusion prevention system [+], interactive voice response [+], integrator [+], installation [+], install [+], exploitation [+], endpoints [+], discovery protocol [+], directory traversal [+], device configuration [+], cuc [+], csa [+], common services [+], client [+], cisco wrvs [+], cisco video [+], cisco unity [+], cisco service [+], cisco secure access control [+], cisco secure [+], cisco psirt [+], cisco nx os [+], cisco network registrar [+], cisco internet [+], cisco clientless [+], cisco cds [+], cisco carrier [+], cisco applied [+], cisco [+], china [+], authentication services [+], asr [+], arbitrary program [+], apache httpd server [+], activex [+], acs database [+], access control lists [+], cisco ios software [+], webex [+], tmp filesystem [+], server default [+], server [+], recording [+], network [+], nac [+], multiple buffer overflow [+], management interface [+], lan controllers [+], ironport cisco [+], ipv6 protocol stack [+], firewall services [+], dlsw cisco [+], dlsw [+], cusm [+], cisco ironport [+], camera [+], buffer overflow vulnerabilities [+], cisco security advisory [+], cisco unified communications manager [+], advisory [+], unified [+], wrvs [+], wrf [+], wireless lan [+], web management [+], vulnerable version [+], video phone [+], unified communications [+], traversal [+], traffic optimization [+], tags [+], switches [+], stephen dugan [+], sshv [+], solution [+], shared [+], share [+], session [+], service monitor [+], server vulnerability [+], series switches [+], security vulnerabilities [+], security authors [+], security agent [+], security [+], rsvp [+], root account [+], query interface [+], query [+], privilege escalation vulnerability [+], port adapters [+], player [+], packet [+], overflow [+], open query [+], open [+], module [+], meeting [+], manager denial [+], malformed [+], internet key exchange [+], intercompany [+], ike [+], httpd [+], gateway [+], firewall [+], escalation [+], dugan [+], directory [+], delivery [+], credentials [+], control protocol [+], content delivery [+], content [+], contact [+], console [+], communications manager [+], communication [+], common [+], command execution [+], ciscoworks lan management solution [+], cisco xr [+], cisco firewall [+], cisco event [+], buffer [+], black hat [+], black [+], authors [+], asia [+], arbitrary command [+], apache httpd [+], agent management [+], admission control [+], access control list [+], cisco telepresence [+], service vulnerability [+], series [+], dos vulnerability [+], cisco catalyst [+], bugtraq [+], denial of service [+], cisco unified [+], session initiation protocol [+], device [+], service [+], directory traversal vulnerability [+], communications [+], free software updates [+], vulnerability [+], web server directory, vsc, videoconferencing products, videoconferencing, video units, video surveillance cameras, txt, tcp segment, tcp, sslvpn, ssh version, ssh connection, sql injection, sql commands, sql, softswitch, soap, snmp, servlet access, series routers, security incident response, secure desktop, secunia, sccp, remote, radius authentication, protocol, process, presence, prefix, platform, pgw, overflow vulnerability, network access control, nat skinny, multipoint, microsoft windows operating systems, memory, meetingplace, mediator, media gateway control protocol, media gateway control, manager. these, manager express, ldp, label distribution protocol, ironport, ipsec, ipm, ios, internetwork, internet group management protocol, internet group management, internet, inspection, injection, information leakage, industrial ethernet, incident response team, igmp, host device, firewall packet, extension, engine, dos, dmp, dmm, denial of service dos, data content, cucme, cts, csg, csd, control, contact center, coded, code, cisco uvc, cisco product, cisco pgw, cisco ios software release, cisco industrial, cisco fwsm, cisco application, center, cds, call, buffer overflow vulnerability, border gateway protocol, bgp peer, bgp, arbitrary code execution, arbitrary code, application module, application extension, application control, application configuration, application, agent, activex control, ace application, ace, access control system, access

• April 04, 2012
• 18:19

  Cisco Security Advisory 20120404-webex

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco WebEx Recording Format (WRF) player contains three buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from www.webex.com. If the WRF player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com. Cisco has updated affected versions of the WebEx meeting sites and WRF player to address these vulnerabilities.

  Tags:  meeting player wrf cisco-webex cisco-security cisco-security-advisory buffer-overflow-vulnerabilities vulnerable-version  

• March 28, 2012
• 22:01

  Cisco Security Advisory 20120328-pai

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to exceed its authorization level when authentication, authorization, and accounting (AAA) authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the Cisco IOS device. Products that are not running Cisco IOS Software are not vulnerable. Cisco has released free software updates that address these vulnerabilities. The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-ios-device cisco-security-advisory  

• 22:01

  Cisco Security Advisory 20120328-pai

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to exceed its authorization level when authentication, authorization, and accounting (AAA) authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the Cisco IOS device. Products that are not running Cisco IOS Software are not vulnerable. Cisco has released free software updates that address these vulnerabilities. The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-ios-device cisco-security-advisory  

• 22:01

  Cisco Security Advisory 20120328-pai

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A vulnerability exists in the Cisco IOS Software that may allow a remote application or device to exceed its authorization level when authentication, authorization, and accounting (AAA) authorization is used. This vulnerability requires that the HTTP or HTTPS server is enabled on the Cisco IOS device. Products that are not running Cisco IOS Software are not vulnerable. Cisco has released free software updates that address these vulnerabilities. The HTTP server may be disabled as a workaround for the vulnerability described in this advisory.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-ios-device cisco-security-advisory  

• 22:01

  Cisco Security Advisory 20120328-ssh

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  ssh vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates ssh-login  

• 22:01

  Cisco Security Advisory 20120328-ssh

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  ssh vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates ssh-login  

• 22:01

  Cisco Security Advisory 20120328-ssh

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  ssh vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates ssh-login  

• 22:00

  Cisco Security Advisory 20120328-nat

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets. The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available.

  Tags:  advisory vulnerability translation nat cisco-ios cisco-security session-initiation-protocol cisco-security-advisory cisco-ios-software  

• 22:00

  Cisco Security Advisory 20120328-nat

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets. The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available.

  Tags:  advisory vulnerability translation nat cisco-ios cisco-security session-initiation-protocol cisco-security-advisory cisco-ios-software  

• 22:00

  Cisco Security Advisory 20120328-nat

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets. The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available.

  Tags:  advisory vulnerability translation nat cisco-ios cisco-security session-initiation-protocol cisco-security-advisory cisco-ios-software  

• 21:46

  Cisco Security Advisory 20120328-mace

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.

  Tags:  attacker router Software mace cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 21:46

  Cisco Security Advisory 20120328-mace

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.

  Tags:  attacker router Software mace cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 21:46

  Cisco Security Advisory 20120328-mace

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.

  Tags:  attacker router Software mace cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:55

  Cisco Security Advisory 20120328-ike

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco IOS Software Internet Key Exchange (IKE) feature contains a denial of service (DoS) vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios ike cisco-security cisco-ios-software cisco-security-advisory internet-key-exchange  

• 20:55

  Cisco Security Advisory 20120328-smartinstall

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

  Tags:  vulnerability smart install cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:55

  Cisco Security Advisory 20120328-smartinstall

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

  Tags:  vulnerability smart install cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:55

  Cisco Security Advisory 20120328-smartinstall

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

  Tags:  vulnerability smart install cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:43

  Cisco Security Advisory 20120328-rsvp

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:43

  Cisco Security Advisory 20120328-rsvp

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:43

  Cisco Security Advisory 20120328-rsvp

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory free-software-updates  

• 20:38

  Cisco Security Advisory 20120328-msdp

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates discovery-protocol  

• 20:38

  Cisco Security Advisory 20120328-msdp

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates discovery-protocol  

• 20:38

  Cisco Security Advisory 20120328-msdp

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A vulnerability in the Multicast Source Discovery Protocol (MSDP) implementation of Cisco IOS Software and Cisco IOS XE Software could allow a remote, unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory free-software-updates discovery-protocol  

• 12:01

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability

  Tags:  advisory network Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory network-address-translation  

• 12:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability

  Tags:  advisory Software ssh cisco-ios cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• 11:11

  Bugtraq: Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability

  Tags:  advisory rsvp Software cisco-ios cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• 11:03

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features

  Tags:  vulnerabilities advisory multiple cisco-ios cisco-security traffic-optimization ios-software  

• 11:03

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability

  Tags:  advisory smart Software cisco-ios cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• March 14, 2012
• 20:03

  Cisco Security Advisory 20120314-fwsm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) contains a Protocol Independent Multicast (PIM) Denial of Service Vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds available that mitigate this vulnerability.

  Tags:  advisory vulnerability fwsm cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 20:03

  Cisco Security Advisory 20120314-fwsm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) contains a Protocol Independent Multicast (PIM) Denial of Service Vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds available that mitigate this vulnerability.

  Tags:  advisory vulnerability fwsm cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 20:02

  Cisco Security Advisory 20120314-asa

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities: * Cisco ASA UDP Inspection Engine Denial of Service Vulnerability * Cisco ASA Threat Detection Denial of Service Vulnerability * Cisco ASA Syslog Message 305006 Denial of Service Vulnerability * Protocol-Independent Multicast Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities.

  Tags:  asa denial service cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 20:02

  Cisco Security Advisory 20120314-asa

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities: * Cisco ASA UDP Inspection Engine Denial of Service Vulnerability * Cisco ASA Threat Detection Denial of Service Vulnerability * Cisco ASA Syslog Message 305006 Denial of Service Vulnerability * Protocol-Independent Multicast Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities.

  Tags:  asa denial service cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 20:02

  Cisco Security Advisory 20120314-asaclient

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  vulnerability asa activex cisco-security cisco-clientless microsoft-activex-technology cisco-security-advisory free-software-updates  

• 20:02

  Cisco Security Advisory 20120314-asaclient

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  vulnerability asa activex cisco-security cisco-clientless microsoft-activex-technology cisco-security-advisory free-software-updates  

• 20:02

  Cisco Security Advisory 20120314-asaclient

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  vulnerability asa activex cisco-security cisco-clientless microsoft-activex-technology cisco-security-advisory free-software-updates  

• 13:01

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

  Tags:  advisory asa series cisco-catalyst cisco-security security-appliances adaptive-security  

• 13:01

  Bugtraq: Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

  Tags:  module advisory firewall cisco-security cisco-security-advisory cisco-firewall firewall-services  

• February 29, 2012
• 19:21

  Cisco Security Advisory 20120229-wlc

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by denial of service and unauthorized access vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.

  Tags:  advisory wlc product cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates  

• 19:21

  Cisco Security Advisory 20120229-wlc

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by denial of service and unauthorized access vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.

  Tags:  advisory wlc product cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates  

• 19:21

  Cisco Security Advisory 20120229-wlc

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by denial of service and unauthorized access vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.

  Tags:  advisory wlc product cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates  

• 19:12

  Cisco Security Advisory 20120229-cucm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified Communications Manager devices may allow a remote, unauthenticated attacker with the ability to send crafted Skinny Client Control Protocol (SCCP) messages to an affected device to cause a reload or execute attacker-controlled SQL code. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory unified cucm cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 19:12

  Cisco Security Advisory 20120229-cucm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Communications Manager devices may allow a remote, unauthenticated attacker with the ability to send crafted Skinny Client Control Protocol (SCCP) messages to an affected device to cause a reload or execute attacker-controlled SQL code. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory unified cucm cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 19:12

  Cisco Security Advisory 20120229-cucm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Communications Manager devices may allow a remote, unauthenticated attacker with the ability to send crafted Skinny Client Control Protocol (SCCP) messages to an affected device to cause a reload or execute attacker-controlled SQL code. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory unified cucm cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 19:12

  Cisco Security Advisory 20120229-vcs

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  video advisory Software cisco-telepresence cisco-security cisco-security-advisory free-software-updates cisco-telepresence-video  

• 19:12

  Cisco Security Advisory 20120229-vcs

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  video advisory Software cisco-telepresence cisco-security cisco-security-advisory free-software-updates cisco-telepresence-video  

• 19:12

  Cisco Security Advisory 20120229-vcs

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  video advisory Software cisco-telepresence cisco-security cisco-security-advisory free-software-updates cisco-telepresence-video  

• 15:11

  Cisco Security Advisory 20120229-cuc

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unity Connection suffers from privilege escalation and denial of service vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  cuc advisory privilege cisco-unity-connection cisco-security cisco-security-advisory unity-connection cisco-unity  

• 15:11

  Cisco Security Advisory 20120229-cuc

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unity Connection suffers from privilege escalation and denial of service vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  cuc advisory privilege cisco-unity-connection cisco-security cisco-security-advisory unity-connection cisco-unity  

• 15:11

  Cisco Security Advisory 20120229-cuc

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unity Connection suffers from privilege escalation and denial of service vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

  Tags:  cuc advisory privilege cisco-unity-connection cisco-security cisco-security-advisory unity-connection cisco-unity  

• 12:00

  Bugtraq: Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities

  Tags:  video advisory communication cisco-telepresence cisco-security session-initiation-protocol cisco-security-advisory cisco-telepresence-video  

• 11:19

  Cisco Security Advisory 20120229-cius

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-security cisco-cius cisco-security-advisory free-software-updates service-vulnerability  

• 11:19

  Cisco Security Advisory 20120229-cius

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-security cisco-cius cisco-security-advisory free-software-updates service-vulnerability  

• 11:19

  Cisco Security Advisory 20120229-cius

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Cius Software contains a denial of service vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-security cisco-cius cisco-security-advisory free-software-updates service-vulnerability  

• 11:02

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection

  Tags:  vulnerabilities advisory multiple cisco-unity-connection cisco-security unity-connection bugtraq  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability

  Tags:  advisory denial service cisco-security cisco-cius cisco-security-advisory service-vulnerability denial-of-service  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities

  Tags:  advisory unified communications cisco-security cisco-unified-communications-manager control-protocol  

• 10:00

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

  Tags:  vulnerabilities advisory multiple cisco-wireless cisco-security lan-controllers wireless-lan  

• February 23, 2012
• 21:42

  Cisco Security Advisory 20120223-srp500

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.

  Tags:  srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco  

• 21:42

  Cisco Security Advisory 20120223-srp500

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.

  Tags:  srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco  

• 21:42

  Cisco Security Advisory 20120223-srp500

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.

  Tags:  srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco  

• February 16, 2012
• 8:01

  Bugtraq: Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability

  Tags:  advisory malformed nx-os cisco-nx-os cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• February 15, 2012
• 19:35

  Cisco Security Advisory 20120215-nxos

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory nx-os Software cisco-nx-os cisco-nexus cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 19:35

  Cisco Security Advisory 20120215-nxos

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory nx-os Software cisco-nx-os cisco-nexus cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• January 26, 2012
• 13:17

  Cisco Security Advisory 20120126-ironport

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability appliances cisco-ironport cisco-security cisco-security-advisory ironport-cisco  

• 13:17

  Cisco Security Advisory 20120126-ironport

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability appliances cisco-ironport cisco-security cisco-security-advisory ironport-cisco  

• January 18, 2012
• 14:01

  Bugtraq: Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account

  Tags:  video advisory phone cisco-security cisco-ip cisco-security-advisory root-account video-phone  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability

  Tags:  digital advisory media cisco-security cisco-security-advisory privilege-escalation-vulnerability escalation  

• 8:51

  Cisco Security Advisory 20120118-dmm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  digital vulnerability media cisco-show cisco-security cisco-security-advisory free-software-updates authentication-services  

• 8:51

  Cisco Security Advisory 20120118-dmm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  digital vulnerability media cisco-show cisco-security cisco-security-advisory free-software-updates authentication-services  

• 8:51

  Cisco Security Advisory 20120118-dmm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  digital vulnerability media cisco-show cisco-security cisco-security-advisory free-software-updates authentication-services  

• 8:47

  Cisco Security Advisory 20120118-te

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability device cisco-telepresence cisco-security cisco-ip cisco-security-advisory free-software-updates  

• 8:47

  Cisco Security Advisory 20120118-te

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability device cisco-telepresence cisco-security cisco-ip cisco-security-advisory free-software-updates  

• 8:47

  Cisco Security Advisory 20120118-te

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  advisory vulnerability device cisco-telepresence cisco-security cisco-ip cisco-security-advisory free-software-updates  

• November 12, 2011
• 21:25

  [Slides] Cisco Security

   » ‎ SecDocs
  Authors: Stephen Dugan
  Tags: Cisco
  Event: Black Hat Asia 2002
  

  Tags:  authors black tags stephen-dugan cisco-event cisco-security asia security-authors black-hat dugan  

• November 09, 2011
• 13:00

  Bugtraq: Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error

  Tags:  system advisory integrator cisco-telepresence c-series cisco-security cisco-security-advisory telepresence-system  

• 10:20

  Cisco Security Advisory 20111109-telepresence-c-ex-serie

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Software that runs on Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series devices was updated to include secure default configurations beginning with the TC4.0 release. This change was accompanied by the release of Cisco Security Advisory cisco-sa-20110202-tandberg. Due to a manufacturing error, Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series devices that were distributed between November 18th, 2010 and September 19th, 2011 may have the root account enabled. Information on how to identify affected devices is available in the Details section of this advisory. Information on how to remediate this issue is available in the Workarounds section of this advisory.

  Tags:  system advisory integrator cisco-telepresence c-series cisco-security cisco-security-advisory telepresence-system  

• 10:20

  Cisco Security Advisory 20111109-telepresence-c-ex-serie

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Software that runs on Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series devices was updated to include secure default configurations beginning with the TC4.0 release. This change was accompanied by the release of Cisco Security Advisory cisco-sa-20110202-tandberg. Due to a manufacturing error, Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series devices that were distributed between November 18th, 2010 and September 19th, 2011 may have the root account enabled. Information on how to identify affected devices is available in the Details section of this advisory. Information on how to remediate this issue is available in the Workarounds section of this advisory.

  Tags:  system advisory integrator cisco-telepresence c-series cisco-security cisco-security-advisory telepresence-system  

• November 02, 2011
• 15:50

  Cisco Security Advisory 20111102-srp500

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability. The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  srp advisory vulnerability cisco-small cisco-security cisco-security-advisory free-software-updates platform-configuration  

• 15:50

  Cisco Security Advisory 20111102-srp500

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability. The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  srp advisory vulnerability cisco-small cisco-security cisco-security-advisory free-software-updates platform-configuration  

• 15:50

  Cisco Security Advisory 20111102-srp500

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability. The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

  Tags:  srp advisory vulnerability cisco-small cisco-security cisco-security-advisory free-software-updates platform-configuration  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability

  Tags:  advisory srp business cisco-small cisco-security cisco-security-advisory bugtraq vulnerability  

• October 26, 2011
• 14:01

  Bugtraq: Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

  Tags:  advisory denial service cisco-video cisco-security service-vulnerability denial-of-service  

• 14:01

  Bugtraq: Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability

  Tags:  advisory contact unified cisco-security cisco-security-advisory directory-traversal-vulnerability bugtraq  

• 14:01

  Bugtraq: Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player

  Tags:  advisory buffer overflow cisco-webex cisco-security cisco-security-advisory buffer-overflow-vulnerabilities bugtraq  

• 13:06

  Bugtraq: Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability

  Tags:  advisory unified communications cisco-security directory-traversal-vulnerability cisco-unified-communications-manager  

• 11:04

  Cisco Security Advisory 20111026-webex

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. Cisco has released free software updates that address these vulnerabilities.

  Tags:  advisory multiple webex cisco-webex cisco-security cisco-security-advisory free-software-updates multiple-buffer-overflow  

• 11:04

  Cisco Security Advisory 20111026-webex

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. Cisco has released free software updates that address these vulnerabilities.

  Tags:  advisory multiple webex cisco-webex cisco-security cisco-security-advisory free-software-updates multiple-buffer-overflow  

• 11:02

  Cisco Security Advisory 20111026-csa

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to perform remote code execution on the affected device. These vulnerabilities are in a third-party library (Oracle Outside In) and are documented in CERT-CC Vulnerability Note VU#520721. Cisco has released free software updates that address this vulnerability. No workaround is available to mitigate these vulnerabilities.

  Tags:  advisory vulnerability csa cisco-security cisco-security-advisory free-software-updates code-execution  

• 11:02

  Cisco Security Advisory 20111026-csa

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to perform remote code execution on the affected device. These vulnerabilities are in a third-party library (Oracle Outside In) and are documented in CERT-CC Vulnerability Note VU#520721. Cisco has released free software updates that address this vulnerability. No workaround is available to mitigate these vulnerabilities.

  Tags:  advisory vulnerability csa cisco-security cisco-security-advisory free-software-updates code-execution  

• 11:02

  Cisco Security Advisory 20111026-csa

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to perform remote code execution on the affected device. These vulnerabilities are in a third-party library (Oracle Outside In) and are documented in CERT-CC Vulnerability Note VU#520721. Cisco has released free software updates that address this vulnerability. No workaround is available to mitigate these vulnerabilities.

  Tags:  advisory vulnerability csa cisco-security cisco-security-advisory free-software-updates code-execution  

• 10:58

  Cisco Security Advisory 20111026-uccx

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) contain a directory traversal vulnerability that may allow a remote, unauthenticated attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  uccx advisory vulnerability cisco-unified cisco-security cisco-security-advisory interactive-voice-response directory-traversal-vulnerability  

• 10:58

  Cisco Security Advisory 20111026-uccx

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) contain a directory traversal vulnerability that may allow a remote, unauthenticated attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  uccx advisory vulnerability cisco-unified cisco-security cisco-security-advisory interactive-voice-response directory-traversal-vulnerability  

• 10:58

  Cisco Security Advisory 20111026-uccx

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Contact Center Express (UCCX or Unified CCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) contain a directory traversal vulnerability that may allow a remote, unauthenticated attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  uccx advisory vulnerability cisco-unified cisco-security cisco-security-advisory interactive-voice-response directory-traversal-vulnerability  

• 10:55

  Cisco Security Advisory 20111026-cucm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains a directory traversal vulnerability that may allow an unauthenticated, remote attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  advisory vulnerability cucm cisco-security cisco-security-advisory directory-traversal-vulnerability cisco-unified-communications-manager  

• 10:55

  Cisco Security Advisory 20111026-cucm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains a directory traversal vulnerability that may allow an unauthenticated, remote attacker to retrieve arbitrary files from the filesystem. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  advisory vulnerability cucm cisco-security cisco-security-advisory directory-traversal-vulnerability cisco-unified-communications-manager  

• 10:54

  Cisco Security Advisory 20111026-camera

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator. There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.

  Tags:  advisory vulnerability camera cisco-video cisco-security cisco-security-advisory dos-vulnerability cisco-devices  

• 10:54

  Cisco Security Advisory 20111026-camera

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator. There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.

  Tags:  advisory vulnerability camera cisco-video cisco-security cisco-security-advisory dos-vulnerability cisco-devices  

• October 20, 2011
• 11:00

  Bugtraq: Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities

  Tags:  vulnerabilities advisory share cisco-show cisco-security cisco-security-advisory security-vulnerabilities bugtraq  

• 11:00

  Bugtraq: Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

  Tags:  advisory common ciscoworks cisco-security command-execution arbitrary-command  

• October 19, 2011
• 15:30

  Cisco Security Advisory 20111019-cs

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - CiscoWorks Common Services for Microsoft Windows contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  advisory vulnerability system cisco-security cisco-security-advisory free-software-updates common-services  

• 15:30

  Cisco Security Advisory 20111019-cs

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - CiscoWorks Common Services for Microsoft Windows contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  advisory vulnerability system cisco-security cisco-security-advisory free-software-updates common-services  

• 15:30

  Cisco Security Advisory 20111019-cs

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - CiscoWorks Common Services for Microsoft Windows contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

  Tags:  advisory vulnerability system cisco-security cisco-security-advisory free-software-updates common-services  

• 15:30

  Cisco Security Advisory 20111019-sns

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Show and Share webcasting and video sharing application contains two vulnerabilities. The first vulnerability allows an unauthenticated user to access several administrative web pages. The second vulnerability permits an authenticated user to execute arbitrary code on the device under the privileges of the web server user account. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities.

  Tags:  advisory user vulnerability cisco-show cisco-security cisco-security-advisory free-software-updates web-server-user  

• 15:30

  Cisco Security Advisory 20111019-sns

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Show and Share webcasting and video sharing application contains two vulnerabilities. The first vulnerability allows an unauthenticated user to access several administrative web pages. The second vulnerability permits an authenticated user to execute arbitrary code on the device under the privileges of the web server user account. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities.

  Tags:  advisory user vulnerability cisco-show cisco-security cisco-security-advisory free-software-updates web-server-user  

• 15:30

  Cisco Security Advisory 20111019-sns

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Show and Share webcasting and video sharing application contains two vulnerabilities. The first vulnerability allows an unauthenticated user to access several administrative web pages. The second vulnerability permits an authenticated user to execute arbitrary code on the device under the privileges of the web server user account. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities.

  Tags:  advisory user vulnerability cisco-show cisco-security cisco-security-advisory free-software-updates web-server-user  

• October 06, 2011
• 8:00

  Bugtraq: Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager

  Tags:  directory advisory traversal cisco-network cisco-security cisco-security-advisory directory-traversal-vulnerability admission-control  

• 8:00

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

  Tags:  vulnerabilities advisory multiple cisco-security firewall-services bugtraq  

• October 05, 2011
• 18:38

  Cisco Security Advisory 20111005-fwsm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by denial of service and authentication bypass vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities disclosed in this advisory.

  Tags:  advisory series fwsm cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 18:38

  Cisco Security Advisory 20111005-fwsm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by denial of service and authentication bypass vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities disclosed in this advisory.

  Tags:  advisory series fwsm cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 18:38

  Cisco Security Advisory 20111005-fwsm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by denial of service and authentication bypass vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities disclosed in this advisory.

  Tags:  advisory series fwsm cisco-catalyst cisco-security cisco-security-advisory free-software-updates cisco-catalyst-6500  

• 18:36

  Cisco Security Advisory 20111005-nac

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Network Admission Control (NAC) Manager contains a directory traversal vulnerability that may allow an unauthenticated attacker to obtain system information. There are no workarounds to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability nac cisco-network cisco-security cisco-security-advisory directory-traversal-vulnerability free-software-updates  

• 18:36

  Cisco Security Advisory 20111005-nac

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Network Admission Control (NAC) Manager contains a directory traversal vulnerability that may allow an unauthenticated attacker to obtain system information. There are no workarounds to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability nac cisco-network cisco-security cisco-security-advisory directory-traversal-vulnerability free-software-updates  

• 17:55

  Cisco Security Advisory 20111005-asa

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by denial of service and authentication bypass vulnerabilities.

  Tags:  advisory asa series cisco-catalyst cisco-security cisco-security-advisory security-appliances adaptive-security  

• 17:55

  Cisco Security Advisory 20111005-asa

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by denial of service and authentication bypass vulnerabilities.

  Tags:  advisory asa series cisco-catalyst cisco-security cisco-security-advisory security-appliances adaptive-security  

• 17:55

  Cisco Security Advisory 20111005-asa

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by denial of service and authentication bypass vulnerabilities.

  Tags:  advisory asa series cisco-catalyst cisco-security cisco-security-advisory security-appliances adaptive-security  

• September 28, 2011
• 14:57

  Cisco Security Advisory 20110928-ipsla

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco IOS IP Service Level Agreement (IP SLA) feature contains a denial of service (DoS) vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the vulnerable UDP IP SLA operation or for the UDP responder ports. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability udp cisco-security cisco-security-advisory udp-port-numbers free-software-updates  

• 14:57

  Cisco Security Advisory 20110928-ipsla

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco IOS IP Service Level Agreement (IP SLA) feature contains a denial of service (DoS) vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the vulnerable UDP IP SLA operation or for the UDP responder ports. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability udp cisco-security cisco-security-advisory udp-port-numbers free-software-updates  

• 14:57

  Cisco Security Advisory 20110928-ipsla

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco IOS IP Service Level Agreement (IP SLA) feature contains a denial of service (DoS) vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the vulnerable UDP IP SLA operation or for the UDP responder ports. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability udp cisco-security cisco-security-advisory udp-port-numbers free-software-updates  

• 14:56

  Cisco Security Advisory 20110928-smart-install

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A vulnerability exists in the Smart Install feature of Cisco Catalyst Switches running Cisco IOS Software that could allow an unauthenticated, remote attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability other than disabling the Smart Install feature.

  Tags:  advisory vulnerability Software cisco-catalyst cisco-ios cisco-security cisco-security-advisory free-software-updates code-execution  

• 14:56

  Cisco Security Advisory 20110928-smart-install

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A vulnerability exists in the Smart Install feature of Cisco Catalyst Switches running Cisco IOS Software that could allow an unauthenticated, remote attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability other than disabling the Smart Install feature.

  Tags:  advisory vulnerability Software cisco-catalyst cisco-ios cisco-security cisco-security-advisory free-software-updates code-execution  

• 14:56

  Cisco Security Advisory 20110928-smart-install

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A vulnerability exists in the Smart Install feature of Cisco Catalyst Switches running Cisco IOS Software that could allow an unauthenticated, remote attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability other than disabling the Smart Install feature.

  Tags:  advisory vulnerability Software cisco-catalyst cisco-ios cisco-security cisco-security-advisory free-software-updates code-execution  

• 14:53

  Cisco Security Advisory 20110928-zbfw

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall features.

  Tags:  advisory zbfw Software cisco-ios cisco-security cisco-ios-software intrusion-prevention-system cisco-security-advisory  

• 14:53

  Cisco Security Advisory 20110928-zbfw

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall features.

  Tags:  advisory zbfw Software cisco-ios cisco-security cisco-ios-software intrusion-prevention-system cisco-security-advisory  

• 14:53

  Cisco Security Advisory 20110928-zbfw

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall features.

  Tags:  advisory zbfw Software cisco-ios cisco-security cisco-ios-software intrusion-prevention-system cisco-security-advisory  

• 14:52

  Cisco Security Advisory 20110928-xcpcupsxml

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in Jabber Extensible Communications Platform (Jabber XCP) and Cisco Unified Presence. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious XML to an affected server. Successful exploitation of this vulnerability could cause elevated memory and CPU utilization, resulting in memory exhaustion and process crashes. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability.

  Tags:  advisory exploitation vulnerability cisco-unified cisco-security cisco-security-advisory memory-exhaustion dos-vulnerability  

• 14:52

  Cisco Security Advisory 20110928-xcpcupsxml

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in Jabber Extensible Communications Platform (Jabber XCP) and Cisco Unified Presence. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious XML to an affected server. Successful exploitation of this vulnerability could cause elevated memory and CPU utilization, resulting in memory exhaustion and process crashes. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability.

  Tags:  advisory exploitation vulnerability cisco-unified cisco-security cisco-security-advisory memory-exhaustion dos-vulnerability  

• 14:52

  Cisco Security Advisory 20110928-xcpcupsxml

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in Jabber Extensible Communications Platform (Jabber XCP) and Cisco Unified Presence. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious XML to an affected server. Successful exploitation of this vulnerability could cause elevated memory and CPU utilization, resulting in memory exhaustion and process crashes. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability.

  Tags:  advisory exploitation vulnerability cisco-unified cisco-security cisco-security-advisory memory-exhaustion dos-vulnerability  

• 14:51

  Cisco Security Advisory 20110928-cucm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

  Tags:  advisory vulnerability unified cisco-security session-initiation-protocol cisco-security-advisory cisco-unified-communications-manager  

• 14:51

  Cisco Security Advisory 20110928-cucm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

  Tags:  advisory vulnerability unified cisco-security session-initiation-protocol cisco-security-advisory cisco-unified-communications-manager  

• 14:51

  Cisco Security Advisory 20110928-cucm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

  Tags:  advisory vulnerability unified cisco-security session-initiation-protocol cisco-security-advisory cisco-unified-communications-manager  

• 14:51

  Cisco Security Advisory 20110928-sip

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

  Tags:  advisory sip Software cisco-ios cisco-security session-initiation-protocol cisco-security-advisory protocol-sip  

• 14:51

  Cisco Security Advisory 20110928-sip

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

  Tags:  advisory sip Software cisco-ios cisco-security session-initiation-protocol cisco-security-advisory protocol-sip  

• 14:51

  Cisco Security Advisory 20110928-sip

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

  Tags:  advisory sip Software cisco-ios cisco-security session-initiation-protocol cisco-security-advisory protocol-sip  

• 14:10

  Cisco Security Advisory 20110928-nat

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of multiple protocols. Cisco has released free software updates that address these vulnerabilities.

  Tags:  advisory translation Software nat cisco-ios cisco-security cisco-security-advisory cisco-ios-software network-address-translation  

• 14:10

  Cisco Security Advisory 20110928-nat

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of multiple protocols. Cisco has released free software updates that address these vulnerabilities.

  Tags:  advisory translation Software nat cisco-ios cisco-security cisco-security-advisory cisco-ios-software network-address-translation  

• 14:10

  Cisco Security Advisory 20110928-nat

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of multiple protocols. Cisco has released free software updates that address these vulnerabilities.

  Tags:  advisory translation Software nat cisco-ios cisco-security cisco-security-advisory cisco-ios-software network-address-translation  

• 13:55

  Cisco Security Advisory 20110928-ipv6mpls

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory ipv Software cisco-ios cisco-security cisco-ios-software cisco-ios-device cisco-security-advisory  

• 13:55

  Cisco Security Advisory 20110928-ipv6mpls

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory ipv Software cisco-ios cisco-security cisco-ios-software cisco-ios-device cisco-security-advisory  

• 13:54

  Cisco Security Advisory 20110928-ipv6

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

  Tags:  advisory vulnerability ipv cisco-ios cisco-security ipv6-protocol-stack cisco-ios-software cisco-security-advisory  

• 13:54

  Cisco Security Advisory 20110928-ipv6

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

  Tags:  advisory vulnerability ipv cisco-ios cisco-security ipv6-protocol-stack cisco-ios-software cisco-security-advisory  

• 13:54

  Cisco Security Advisory 20110928-dlsw

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching (DLSw) feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory dlsw Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory dlsw-cisco  

• 13:54

  Cisco Security Advisory 20110928-dlsw

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching (DLSw) feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory dlsw Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory dlsw-cisco  

• 13:52

  Cisco Security Advisory 20110928-c10k

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco 10000 Series Router is affected by a denial of service (DoS) vulnerability that can allow an attacker to cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are also available.

  Tags:  advisory vulnerability series cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 13:52

  Cisco Security Advisory 20110928-c10k

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco 10000 Series Router is affected by a denial of service (DoS) vulnerability that can allow an attacker to cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are also available.

  Tags:  advisory vulnerability series cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 13:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability

  Tags:  advisory smart Software cisco-ios cisco-security cisco-security-advisory code-execution bugtraq  

• 12:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

  Tags:  advisory session Software cisco-ios cisco-security cisco-ios-software session-initiation-protocol cisco-security-advisory  

• 12:00

  Bugtraq: Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities

  Tags:  advisory unified communications cisco-security session-initiation-protocol cisco-unified-communications-manager  

• 11:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

  Tags:  advisory ipv Software cisco-ios cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• 11:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities

  Tags:  advisory ipv Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory bugtraq  

• 11:00

  Bugtraq: Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

  Tags:  advisory network Software cisco-ios cisco-security cisco-ios-software cisco-security-advisory network-address-translation  

• September 20, 2011
• 20:19

  Cisco Security Advisory 20110920-ise

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.

  Tags:  advisory device ise cisco-security cisco-security-advisory free-software-updates device-configuration  

• 20:19

  Cisco Security Advisory 20110920-ise

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.

  Tags:  advisory device ise cisco-security cisco-security-advisory free-software-updates device-configuration  

• 20:19

  Cisco Security Advisory 20110920-ise

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.

  Tags:  advisory device ise cisco-security cisco-security-advisory free-software-updates device-configuration  

• September 15, 2011
• 9:00

  Bugtraq: Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities

  Tags:  solution management ciscoworks cisco-security lan-management-solution cisco-security-advisory ciscoworks-lan-management-solution  

• 9:00

  Bugtraq: Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities

  Tags:  advisory unified service cisco-security cisco-security-advisory code-execution service-monitor  

• September 14, 2011
• 15:58

  Cisco Security Advisory 20110914-cusm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory unified Software cisco-security cisco-security-advisory free-software-updates cusm  

• 15:58

  Cisco Security Advisory 20110914-cusm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory unified Software cisco-security cisco-security-advisory free-software-updates cusm  

• 15:47

  Cisco Security Advisory 20110914-lms

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Two vulnerabilities exist in CiscoWorks LAN Management Solution software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software ciscoworks cisco-security cisco-security-advisory lan-management-solution free-software-updates  

• 15:47

  Cisco Security Advisory 20110914-lms

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Two vulnerabilities exist in CiscoWorks LAN Management Solution software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software ciscoworks cisco-security cisco-security-advisory lan-management-solution free-software-updates  

• 15:47

  Cisco Security Advisory 20110914-lms

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Two vulnerabilities exist in CiscoWorks LAN Management Solution software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software ciscoworks cisco-security cisco-security-advisory lan-management-solution free-software-updates  

• September 07, 2011
• 19:34

  Cisco Security Advisory 20110907-nexus

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A vulnerability exists in Cisco Nexus 5000 and 3000 Series Switches that may allow traffic to bypass deny statements in access control lists (ACLs) that are configured on the device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.

  Tags:  advisory vulnerability nexus cisco-nexus cisco-security cisco-security-advisory free-software-updates access-control-lists  

• 19:34

  Cisco Security Advisory 20110907-nexus

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A vulnerability exists in Cisco Nexus 5000 and 3000 Series Switches that may allow traffic to bypass deny statements in access control lists (ACLs) that are configured on the device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.

  Tags:  advisory vulnerability nexus cisco-nexus cisco-security cisco-security-advisory free-software-updates access-control-lists  

• 19:34

  Cisco Security Advisory 20110907-nexus

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A vulnerability exists in Cisco Nexus 5000 and 3000 Series Switches that may allow traffic to bypass deny statements in access control lists (ACLs) that are configured on the device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.

  Tags:  advisory vulnerability nexus cisco-nexus cisco-security cisco-security-advisory free-software-updates access-control-lists  

• 11:00

  Bugtraq: Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability

  Tags:  advisory series switches cisco-nexus cisco-security cisco-security-advisory series-switches access-control-list  

• August 31, 2011
• 13:05

  Bugtraq: Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs

  Tags:  advisory denial service cisco-telepresence cisco-security service-vulnerability denial-of-service  

• 11:35

  Cisco Security Advisory 20110831-tandberg

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs that are running software versions prior to TC4.0.0 or F9.1 contain a vulnerability that could allow an attacker to cause a denial of service. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software endpoints cisco-telepresence c-series cisco-security cisco-security-advisory free-software-updates  

• 11:35

  Cisco Security Advisory 20110831-tandberg

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs that are running software versions prior to TC4.0.0 or F9.1 contain a vulnerability that could allow an attacker to cause a denial of service. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software endpoints cisco-telepresence c-series cisco-security cisco-security-advisory free-software-updates  

• 11:35

  Cisco Security Advisory 20110831-tandberg

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs that are running software versions prior to TC4.0.0 or F9.1 contain a vulnerability that could allow an attacker to cause a denial of service. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software endpoints cisco-telepresence c-series cisco-security cisco-security-advisory free-software-updates  

• August 30, 2011
• 18:47

  Cisco Security Advisory 20110830-apache

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document listed in this advisory.

  Tags:  advisory vulnerability apache cisco-applied cisco-security apache-httpd-server cisco-security-advisory cisco-devices  

• 18:47

  Cisco Security Advisory 20110830-apache

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document listed in this advisory.

  Tags:  advisory vulnerability apache cisco-applied cisco-security apache-httpd-server cisco-security-advisory cisco-devices  

• 18:47

  Cisco Security Advisory 20110830-apache

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document listed in this advisory.

  Tags:  advisory vulnerability apache cisco-applied cisco-security apache-httpd-server cisco-security-advisory cisco-devices  

• 13:00

  Bugtraq: Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

  Tags:  advisory httpd apache cisco-security cisco-security-advisory service-vulnerability apache-httpd  

• August 25, 2011
• 11:00

  Bugtraq: Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server

  Tags:  advisory query open cisco-unified cisco-security query-interface open-query  

• 8:00

  Bugtraq: Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

  Tags:  advisory unified communications manager-denial cisco-security cisco-unified-communications-manager denial-of-service  

• 6:00

  Bugtraq: Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine

  Tags:  advisory denial service cisco-security denial-of-service intercompany  

• August 24, 2011
• 17:38

  Cisco Security Advisory 20110824-cucm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified Communications Manager contains five (5) denial of service (DoS) vulnerabilities. Cisco has released free software updates for affected versions of Cisco Unified Communications Manager to address the vulnerabilities. A workaround exists for the SIP and Packet Capture Service DoS vulnerabilities.

  Tags:  advisory unified communications cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:38

  Cisco Security Advisory 20110824-cucm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains five (5) denial of service (DoS) vulnerabilities. Cisco has released free software updates for affected versions of Cisco Unified Communications Manager to address the vulnerabilities. A workaround exists for the SIP and Packet Capture Service DoS vulnerabilities.

  Tags:  advisory unified communications cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:38

  Cisco Security Advisory 20110824-cucm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Communications Manager contains five (5) denial of service (DoS) vulnerabilities. Cisco has released free software updates for affected versions of Cisco Unified Communications Manager to address the vulnerabilities. A workaround exists for the SIP and Packet Capture Service DoS vulnerabilities.

  Tags:  advisory unified communications cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:16

  Cisco Security Advisory 20110824-cucm-cups

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified Communications Manager (previously known as Cisco CallManager) and Cisco Unified Presence Server contain an open query interface that could allow an unauthenticated, remote attacker to disclose the contents of the underlying databases on affected product versions. Cisco has released free updated software for most supported releases. A security patch file is also available for all supported versions that will remediate this issue. The patch may be applied to active systems without requiring a reload. Customers are advised to apply a fixed version or upgrade to a fixed train. Customers who need to stay on a version for which updated software is not currently available or who can not immediately apply the update are advised to apply the patch. No workarounds are available for this issue.

  Tags:  patch advisory Software cisco-unified cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager train-customers  

• 17:16

  Cisco Security Advisory 20110824-cucm-cups

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified Communications Manager (previously known as Cisco CallManager) and Cisco Unified Presence Server contain an open query interface that could allow an unauthenticated, remote attacker to disclose the contents of the underlying databases on affected product versions. Cisco has released free updated software for most supported releases. A security patch file is also available for all supported versions that will remediate this issue. The patch may be applied to active systems without requiring a reload. Customers are advised to apply a fixed version or upgrade to a fixed train. Customers who need to stay on a version for which updated software is not currently available or who can not immediately apply the update are advised to apply the patch. No workarounds are available for this issue.

  Tags:  patch advisory Software cisco-unified cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager train-customers  

• 17:16

  Cisco Security Advisory 20110824-cucm-cups

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified Communications Manager (previously known as Cisco CallManager) and Cisco Unified Presence Server contain an open query interface that could allow an unauthenticated, remote attacker to disclose the contents of the underlying databases on affected product versions. Cisco has released free updated software for most supported releases. A security patch file is also available for all supported versions that will remediate this issue. The patch may be applied to active systems without requiring a reload. Customers are advised to apply a fixed version or upgrade to a fixed train. Customers who need to stay on a version for which updated software is not currently available or who can not immediately apply the update are advised to apply the patch. No workarounds are available for this issue.

  Tags:  patch advisory Software cisco-unified cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager train-customers  

• 17:16

  Cisco Security Advisory 20110824-ime

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.

  Tags:  advisory device service cisco-security cisco-security-advisory free-software-updates service-advertisement  

• 17:16

  Cisco Security Advisory 20110824-ime

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.

  Tags:  advisory device service cisco-security cisco-security-advisory free-software-updates service-advertisement  

• 17:16

  Cisco Security Advisory 20110824-ime

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.

  Tags:  advisory device service cisco-security cisco-security-advisory free-software-updates service-advertisement  

• July 29, 2011
• 19:45

  Cisco Security Advisory 20110729-tp

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability default cisco-telepresence cisco-security cisco-security-advisory free-software-updates  

• 19:45

  Cisco Security Advisory 20110729-tp

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability default cisco-telepresence cisco-security cisco-security-advisory free-software-updates  

• 19:45

  Cisco Security Advisory 20110729-tp

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability default cisco-telepresence cisco-security cisco-security-advisory free-software-updates  

• 9:00

  Bugtraq: Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

  Tags:  recording server advisory cisco-telepresence cisco-security cisco-security-advisory server-default  

• 9:00

  Bugtraq: Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability

  Tags:  recording server advisory cisco-telepresence cisco-security cisco-security-advisory server-default  

• July 21, 2011
• 7:00

  Bugtraq: Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

  Tags:  advisory routers series cisco-asr cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• 7:00

  Bugtraq: Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities

  Tags:  management series cisco-security cisco-security-advisory security-appliances management-interface  

• July 20, 2011
• 11:39

  Cisco Security Advisory 20110720-sa500

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory appliances series cisco-security cisco-security-advisory vulnerability-exploitation free-software-updates  

• 11:39

  Cisco Security Advisory 20110720-sa500

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory appliances series cisco-security cisco-security-advisory vulnerability-exploitation free-software-updates  

• 11:39

  Cisco Security Advisory 20110720-sa500

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory appliances series cisco-security cisco-security-advisory vulnerability-exploitation free-software-updates  

• 11:38

  Cisco Security Advisory 20110720-asr9k

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory asr vulnerability cisco-ios cisco-security cisco-security-advisory aggregation-services  

• 11:38

  Cisco Security Advisory 20110720-asr9k

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory asr vulnerability cisco-ios cisco-security cisco-security-advisory aggregation-services  

• 11:38

  Cisco Security Advisory 20110720-asr9k

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory asr vulnerability cisco-ios cisco-security cisco-security-advisory aggregation-services  

• July 06, 2011
• 18:33

  Cisco Security Advisory 20110706-csg

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

  Tags:  advisory vulnerability device sami cisco-security cisco-security-advisory cisco-service dos-vulnerability  

• 18:33

  Cisco Security Advisory 20110706-csg

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

  Tags:  advisory vulnerability device sami cisco-security cisco-security-advisory cisco-service dos-vulnerability  

• 18:33

  Cisco Security Advisory 20110706-csg

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

  Tags:  advisory vulnerability device sami cisco-security cisco-security-advisory cisco-service dos-vulnerability  

• 12:00

  Bugtraq: Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability

  Tags:  advisory content gateway cisco-security cisco-security-advisory service-vulnerability denial-of-service  

• June 01, 2011
• 12:46

  Cisco Security Advisory 20110601-ac

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

  Tags:  secure client advisory cisco-anyconnect cisco-security cisco-security-advisory arbitrary-program program-execution  

• 12:46

  Cisco Security Advisory 20110601-ac

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

  Tags:  secure client advisory cisco-anyconnect cisco-security cisco-security-advisory arbitrary-program program-execution  

• 12:46

  Cisco Security Advisory 20110601-ac

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

  Tags:  secure client advisory cisco-anyconnect cisco-security cisco-security-advisory arbitrary-program program-execution  

• 12:20

  Cisco Security Advisory 20110601-mxe

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

  Tags:  account root Software cisco-security cisco-security-advisory experience-engine mxe  

• 12:20

  Cisco Security Advisory 20110601-mxe

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

  Tags:  account root Software cisco-security cisco-security-advisory experience-engine mxe  

• 12:20

  Cisco Security Advisory 20110601-mxe

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

  Tags:  account root Software cisco-security cisco-security-advisory experience-engine mxe  

• 12:01

  Bugtraq: Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600

  Tags:  credentials advisory default cisco-security experience-engine bugtraq  

• 12:01

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

  Tags:  vulnerabilities advisory multiple cisco-anyconnect cisco-security bugtraq  

• 11:49

  Cisco Security Advisory 20110601-phone

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software phone cisco-unified cisco-security cisco-security-advisory free-software-updates ip-phones  

• 11:49

  Cisco Security Advisory 20110601-phone

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software phone cisco-unified cisco-security cisco-security-advisory free-software-updates ip-phones  

• 11:49

  Cisco Security Advisory 20110601-phone

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

  Tags:  advisory Software phone cisco-unified cisco-security cisco-security-advisory free-software-updates ip-phones  

• 11:48

  Cisco Security Advisory 20110601-cnr

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

  Tags:  password advisory installation cisco-network cisco-security cisco-network-registrar cisco-security-advisory registrar-software  

• 11:48

  Cisco Security Advisory 20110601-cnr

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

  Tags:  password advisory installation cisco-network cisco-security cisco-network-registrar cisco-security-advisory registrar-software  

• 11:48

  Cisco Security Advisory 20110601-cnr

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

  Tags:  password advisory installation cisco-network cisco-security cisco-network-registrar cisco-security-advisory registrar-software  

• May 25, 2011
• 19:04

  Cisco Security Advisory 20110525-iosxr-ssh

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability in the SSH application that may result in a denial of service condition when the SSH version 1 (SSHv1) protocol is used. The vulnerability is a result of unremoved sshd_lock files consuming all available space in the /tmp filesystem. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory tmp-filesystem free-software-updates  

• 19:04

  Cisco Security Advisory 20110525-iosxr-ssh

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability in the SSH application that may result in a denial of service condition when the SSH version 1 (SSHv1) protocol is used. The vulnerability is a result of unremoved sshd_lock files consuming all available space in the /tmp filesystem. Cisco has released free software updates that address this vulnerability.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory tmp-filesystem free-software-updates  

• 19:03

  Cisco Security Advisory 20110525-iosxrspa

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.9.0, 3.9.1, 3.9.2, 4.0.0, 4.0.1, 4.0.2, and 4.1.0 are affected by a vulnerability that an unauthenticated, remote user could use to trigger a reload of the Shared Port Adapters (SPA) Interface Processor by sending specific IP version 4 (IPv4) packets to an affected device. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory ip-version-4 interface-processor  

• 19:03

  Cisco Security Advisory 20110525-iosxrspa

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.9.0, 3.9.1, 3.9.2, 4.0.0, 4.0.1, 4.0.2, and 4.1.0 are affected by a vulnerability that an unauthenticated, remote user could use to trigger a reload of the Shared Port Adapters (SPA) Interface Processor by sending specific IP version 4 (IPv4) packets to an affected device. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory ip-version-4 interface-processor  

• 19:03

  Cisco Security Advisory 20110525-iosxrspa

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.9.0, 3.9.1, 3.9.2, 4.0.0, 4.0.1, 4.0.2, and 4.1.0 are affected by a vulnerability that an unauthenticated, remote user could use to trigger a reload of the Shared Port Adapters (SPA) Interface Processor by sending specific IP version 4 (IPv4) packets to an affected device. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory vulnerability Software cisco-ios cisco-security cisco-security-advisory ip-version-4 interface-processor  

• 18:50

  Cisco Security Advisory 20110525-iosxr

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.8.3, 3.8.4, and 3.9.1 are affected by a vulnerability that an unauthenticated, remote user can trigger by sending specific IP version 4 (IPv4) packets to or through an affected device. Successful exploitation could cause the NetIO process to restart. Under a sustained attack, the Cisco CRS Modular Services Card (MSC) on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router will reload. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory vulnerability Software cisco-asr cisco-ios cisco-carrier cisco-security cisco-security-advisory ip-version-4 aggregation-services  

• 18:50

  Cisco Security Advisory 20110525-iosxr

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.8.3, 3.8.4, and 3.9.1 are affected by a vulnerability that an unauthenticated, remote user can trigger by sending specific IP version 4 (IPv4) packets to or through an affected device. Successful exploitation could cause the NetIO process to restart. Under a sustained attack, the Cisco CRS Modular Services Card (MSC) on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router will reload. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory vulnerability Software cisco-asr cisco-ios cisco-carrier cisco-security cisco-security-advisory ip-version-4 aggregation-services  

• 18:50

  Cisco Security Advisory 20110525-iosxr

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco IOS XR Software Releases 3.8.3, 3.8.4, and 3.9.1 are affected by a vulnerability that an unauthenticated, remote user can trigger by sending specific IP version 4 (IPv4) packets to or through an affected device. Successful exploitation could cause the NetIO process to restart. Under a sustained attack, the Cisco CRS Modular Services Card (MSC) on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router will reload. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. There are no workarounds for this vulnerability.

  Tags:  advisory vulnerability Software cisco-asr cisco-ios cisco-carrier cisco-security cisco-security-advisory ip-version-4 aggregation-services  

• 18:48

  Cisco Security Advisory 20110525-rvs4000

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - Cisco RVS4000 4-port Gigabit Security Routers and Cisco WRVS4400N Wireless-N Gigabit Security Routers have several web interface vulnerabilities that can be exploited by a remote, unauthenticated user. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory routers port n-wireless- cisco-rvs cisco-wrvs n-gigabit cisco-security cisco-security-advisory free-software-updates web-interface  

• 18:48

  Cisco Security Advisory 20110525-rvs4000

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - Cisco RVS4000 4-port Gigabit Security Routers and Cisco WRVS4400N Wireless-N Gigabit Security Routers have several web interface vulnerabilities that can be exploited by a remote, unauthenticated user. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory routers port n-wireless- cisco-rvs cisco-wrvs n-gigabit cisco-security cisco-security-advisory free-software-updates web-interface  

• 18:48

  Cisco Security Advisory 20110525-rvs4000

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - Cisco RVS4000 4-port Gigabit Security Routers and Cisco WRVS4400N Wireless-N Gigabit Security Routers have several web interface vulnerabilities that can be exploited by a remote, unauthenticated user. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

  Tags:  advisory routers port n-wireless- cisco-rvs cisco-wrvs n-gigabit cisco-security cisco-security-advisory free-software-updates web-interface  

• 18:48

  Cisco Security Advisory 20110525-spcdn

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Internet Streamer application, part of the Cisco Content Delivery System (Cisco CDS), contains a vulnerability in its web server component that could cause the web server engine to crash when processing specially crafted URLs. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory web vulnerability cisco-content cisco-cds cisco-internet cisco-security cisco-security-advisory web-server-engine web-server-component  

• 18:48

  Cisco Security Advisory 20110525-spcdn

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Internet Streamer application, part of the Cisco Content Delivery System (Cisco CDS), contains a vulnerability in its web server component that could cause the web server engine to crash when processing specially crafted URLs. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory web vulnerability cisco-content cisco-cds cisco-internet cisco-security cisco-security-advisory web-server-engine web-server-component  

• 18:48

  Cisco Security Advisory 20110525-spcdn

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Internet Streamer application, part of the Cisco Content Delivery System (Cisco CDS), contains a vulnerability in its web server component that could cause the web server engine to crash when processing specially crafted URLs. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

  Tags:  advisory web vulnerability cisco-content cisco-cds cisco-internet cisco-security cisco-security-advisory web-server-engine web-server-component  

• 11:00

  Bugtraq: Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability

  Tags:  sshv advisory Software cisco-ios cisco-security service-vulnerability  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco IOS XR Software IP Packet Vulnerability

  Tags:  advisory packet Software cisco-ios cisco-security bugtraq  

• 10:00

  Bugtraq: Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability

  Tags:  advisory series shared cisco-xr cisco-security cisco-security-advisory interface-processor port-adapters  

• 9:00

  Bugtraq: Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability

  Tags:  system advisory delivery cisco-content cisco-security cisco-security-advisory server-vulnerability content-delivery  

• 9:00

  Bugtraq: Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

  Tags:  advisory web wrvs cisco-rvs cisco-security cisco-security-advisory management-interface web-management  

• May 05, 2011
• 15:22

  Cisco Security Response 20110505-ios

   » ‎ Packet Storm Security Advisories
  Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

  Tags:  ncnipc response bugtraq cisco-ios cisco-psirt cisco-security china ios-software security-response vulnerabilities  

• 15:22

  Cisco Security Response 20110505-ios

   » ‎ Packet Storm Security Recent Files
  Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

  Tags:  ncnipc response bugtraq cisco-ios cisco-psirt cisco-security china ios-software security-response vulnerabilities  

• 15:22

  Cisco Security Response 20110505-ios

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

  Tags:  ncnipc response bugtraq cisco-ios cisco-psirt cisco-security china ios-software security-response vulnerabilities  

• 9:00

  Bugtraq: Cisco Security Response: Cisco IOS Software Denial of Service Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Response: Cisco IOS Software Denial of Service Vulnerabilities

  Tags:  response denial Software cisco-ios cisco-security denial-of-service security-response  

• April 27, 2011
• 17:45

  Cisco Security Advisory 20110427-cucm

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Unified Communications Manager (previously known as Cisco CallManager) contains three denial of service, one directory traversal, and two remote SQL injection vulnerabilities. Cisco has released free software updates for affected Cisco Unified Communications Manager versions to address the vulnerabilities. A workaround exists only for the SIP DoS vulnerabilities.

  Tags:  advisory unified communications cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:45

  Cisco Security Advisory 20110427-cucm

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Unified Communications Manager (previously known as Cisco CallManager) contains three denial of service, one directory traversal, and two remote SQL injection vulnerabilities. Cisco has released free software updates for affected Cisco Unified Communications Manager versions to address the vulnerabilities. A workaround exists only for the SIP DoS vulnerabilities.

  Tags:  advisory unified communications cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:45

  Cisco Security Advisory 20110427-cucm

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Unified Communications Manager (previously known as Cisco CallManager) contains three denial of service, one directory traversal, and two remote SQL injection vulnerabilities. Cisco has released free software updates for affected Cisco Unified Communications Manager versions to address the vulnerabilities. A workaround exists only for the SIP DoS vulnerabilities.

  Tags:  advisory unified communications cisco-callmanager cisco-security cisco-security-advisory cisco-unified-communications-manager free-software-updates  

• 17:45

  Cisco Security Advisory 20110427-wlc

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. There are no available workarounds to mitigate this vulnerability.

  Tags:  advisory vulnerability wlc cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 17:45

  Cisco Security Advisory 20110427-wlc

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. There are no available workarounds to mitigate this vulnerability.

  Tags:  advisory vulnerability wlc cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 17:45

  Cisco Security Advisory 20110427-wlc

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. There are no available workarounds to mitigate this vulnerability.

  Tags:  advisory vulnerability wlc cisco-wireless lan-controller cisco-security cisco-security-advisory free-software-updates dos-vulnerability  

• 12:01

  Bugtraq: Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Cisco Wireless LAN Controllers Denial of Service Vulnerability

  Tags:  advisory denial service cisco-wireless cisco-security lan-controllers cisco-security-advisory service-vulnerability  

• 12:00

  Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager

   » ‎ SecurityFocus Vulnerabilities
  Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager

  Tags:  cisco-security unified-communications communications-manager  

• April 12, 2011
• 14:00

  [openbsd/x86] - Cisco Security Agent Management Console ‘st_upload’ RCE Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [openbsd/x86] - Cisco Security Agent Management Console ‘st_upload’ RCE Exploit

  Tags:  management console security cisco-security agent-management security-agent  

• March 30, 2011
• 15:58

  Cisco Security Advisory 20110330-acs

   » ‎ Packet Storm Security Advisories
  Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

  Tags:  vulnerability attacker account cisco-secure cisco-security cisco-security-advisory acs-database cisco-secure-access-control  

• 15:58

  Cisco Security Advisory 20110330-acs

   » ‎ Packet Storm Security Recent Files
  Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

  Tags:  vulnerability attacker account cisco-secure cisco-security cisco-security-advisory acs-database cisco-secure-access-control  

• 15:58

  Cisco Security Advisory 20110330-acs

   » ‎ Packet Storm Security Misc. Files
  Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

  Tags:  vulnerability attacker account cisco-secure cisco-security cisco-security-advisory acs-database cisco-secure-access-control