Dec
2
2011

November 2011: two Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error Cisco Small Business SRP500 Series Command Injection Vulnerability

Dec
2
2011

October 2011: ten Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published ten important vulnerability advisories: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Cisco Unified Contact Center Express Directory Traversal Vulnerability Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras Cisco Security Agent Remote Code Execution Vulnerabilities Cisco Unified Communications Manager Directory Traversal Vulnerability CiscoWorks Common Services Arbitrary Command Execution Vulnerability Cisco Show and Share Security Vulnerabilities Directory Traversal Vulnerability in Cisco Network Admission Control Manager Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Multiple Vulnerabilities in Cisco Firewall Services [...]

Nov
17
2011

IP traffic export: how to mirror traffic on a router

The Switched Port Analyzer (SPAN) feature, which is sometimes called port mirroring or port monitoring, selects network traffic, from a switched port, for analysis by a network analyzer. Unfotunately this feature works only on switches or switches Layer3. And in a router, what can I do to copy the traffic? In a previous article, I explained the Embedded Packet Capture, a powerful feature to capture data packets directly on the NVRAM. Another good solution is the ‘IP traffic export‘. Introduced in 12.3(4)T IOS, the IP Traffic Export feature allows users to configure their router to export IP packets that are [...]

Nov
15
2011

Cisco completes acquisition of BNI Video

Cisco announced it has completed its acquisition of privately-held BNI Video. Headquartered in Boxborough, Mass., BNI Video supplies service providers with two major video products that offer video back-office and content delivery network (CDN) analytic capabilities. The acquisition advances the capabilities of Cisco’s Videoscape TV platform, which allows service providers to deliver compelling video experiences to any device over any Internet Protocol (IP) network. BNI Video’s technology also helps Cisco’s service provider customers reduce their operational costs and complexity, while expanding monetization opportunities.

Oct
24
2011

Cisco TelePresence exploits

Cisco TelePresence is an umbrella term for Video Conferencing Hardware and Software, Infrastructure and Endpoints. The C & MXP Series are the Endpoints used on desks or in boardrooms to provide users with a termination point for Video Conferencing. 1. Post-authentication HTML Injection – CVE-2011-2544 (CSCtq46488): Cisco TelePresence Endpoints have a web interface (HTTP or HTTPS) for managing, configuring and reporting. It is possible to set the Call ID (with H.323 or SIP) to a HTML value. If a call is made to another endpoint and an authenticated user browses to the web interface on the endpoint receiving the call [...]

Oct
11
2011

September 2011: fifteen Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published fifteen important vulnerability advisories: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Identity Services Engine Database Default Credentials Vulnerability Cisco IOS Software IPv6 over MPLS Vulnerabilities Cisco IOS Software IPv6 Denial of Service Vulnerability Cisco 10000 Series Denial of Service Vulnerability Cisco IOS Software Smart Install Remote Code Execution Vulnerability Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities Cisco IOS Software Data-Link Switching Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities Cisco Unified Communications Manager Session Initiation Protocol Memory [...]

Oct
4
2011

Wake on LAN through Internet

I write this tutorial to show how it is simple wakup a PC through Internet using WOL feature. What is WOL feature? Wake-on-LAN (WOL) is an Ethernet computer networking standard that allows a computer to be turned on or woken up by a network message. The message is usually sent by a program executed on another computer on the same local area network. It is also possible to initiate the message from another network by using Subnet directed broadcasts or a WOL gateway service. Wake-on-LAN is implemented using a special network message called a magic packet. The magic packet contains [...]

Sep
13
2011

Cisco completes acquisition of AXIOSS Software Assets

Cisco has completed its acquisition of service fulfillment software assets and associated employees from the UK subsidiary (formerly Axiom Systems) of Comptel Corporation (NASDAQ OMX Helsinki: CTL1V).  The acquisition gives Cisco the abilityto extend network and service management technologies across its next-generation Internet Protocol (IP) network platforms, allowing service providers to quickly and efficiently launch new video, data, mobility and cloud services to their customers.

Sep
12
2011

August 2011: five Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Apache HTTPd Range Header Denial of Service Vulnerability Denial of Service Vulnerability in Cisco TelePresence Codecs Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server Cisco Unified Communications Manager Denial of Service Vulnerabilities Denial of Service Vulnerabilities in Cisco Intercompany Media Engine

Aug
5
2011

July 2011: three Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published three important vulnerability advisories: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

Pages:1234567...18»