Jul
11
2013
June 2013: five Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Multiple Vulnerabilities in Cisco Web Security Appliance Multiple Vulnerabilities in Cisco Email Security Appliance Multiple Vulnerabilities in Cisco Content Security Management Appliance Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability Multiple Vulnerabilities in Cisco TelePresence TC and TE Software

Jun
5
2013
May 2013: two Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Vulnerable Products Cisco TelePresence Supervisor MSE 8050 running software versions 2.2(1.17) and earlier are affected by this vulnerability.

May
14
2013
Reload in X? Why don’t you rollback or replace the configuration?
PBR-Route-a-packet-based-on-source-IP-address

Do you remember the article ‘How to schedule a reload‘? This feature (reload in ‘x’) is useful when you must apply a critical configuration on a remote device, for instance new route or new acl. In fact, if you happen to lose connection to device after a change, you must wait the device reload to reconnect to it. This can be a solution but there is a better solution: the replace/roolback feature. Introduced in 12.3(7)T IOS, the Configuration Replace and Configuration Rollback features provide the capability to replace the current running configuration with any saved Cisco IOS configuration file. This […]

May
8
2013
Using IP SLA to change routing
Using-IP-SLA-to-change-routing

Cisco IP SLAs is a part of Cisco IOS that allows Cisco customers to analyze IP service levels for IP applications and services by using active traffic monitoring for measuring network performance. With Cisco IOS IP SLAs, service provider customers can measure and provide service level agreements, and enterprise customers can verify service levels, verify outsourced service level agreements, and understand network performance. Cisco IOS IP SLAs can perform network assessments, verify quality of service (QoS), ease the deployment of new services, and assist with network troubleshooting. IP SLAs collects a unique subset of these performance metrics: Delay (both round-trip […]

May
2
2013
April 2013: ten Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published ten important vulnerability advisories: Multiple Vulnerabilities in Cisco NX-OS-Based Products Cisco Device Manager Command Execution Vulnerability Multiple Vulnerabilities in Cisco Unified Computing System Cisco Network Admission Control Manager SQL Injection Vulnerability Cisco TelePresence Infrastructure Denial of Service Vulnerability Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Multiple Vulnerabilities in Cisco Firewall Services Module Software Multiple Vulnerabilities in Cisco ASA Software Cisco Prime Network Control Systems Database Default Credentials Vulnerability Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution

Apr
23
2013
PBR: Route a packet based on source IP address
PBR-Route-a-packet-based-on-source-IP-address

Everyone knows that the routing table lists the routes to particular network destinations, but is it possible define the next-hop based on source ip, packet size or other criteria? Obviously yes! Policy-based routing (PBR) provides a tool for forwarding and routing data packets based on policies defined by network administrators. In effect, it is a way to have the policy override routing protocol decisions. Policy-based routing includes a mechanism for selectively applying policies based on access list, packet size or other criteria. The actions taken can include routing packets on user-defined routes, setting the precedence, type of service bits, etc.

Apr
12
2013
March 2013: seven Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published seven important vulnerability advisories: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability Cisco IOS Software IP Service Level Agreement Vulnerability Cisco IOS Software Smart Install Denial of Service Vulnerability Cisco IOS Software Protocol Translation Vulnerability Cisco IOS Software Network Address Translation Vulnerability Cisco IOS Software Internet Key Exchange Vulnerability Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability Cisco IOS Software contains a memory leak vulnerability that could be […]

Apr
9
2013
Cisco Video Surveillance Operations Manager 6.3.2 – Multiple vulnerabilities
cisco-exploit

Part of the Cisco Video Surveillance Manager product suite, the Cisco Video Surveillance Operations Manager enables the efficient and effective configuration and management of video throughout an enterprise. It provides a secure web portal to configure, manage, display, and control video in an IP network, and provides the ability to easily manage a large number of security assets and users, including media server instances, cameras, encoders, and event sources, as well as digital monitors.

Mar
4
2013
February 2013: four Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published four important vulnerability advisories: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability Cisco Unified Presence Server Denial of Service Vulnerability Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Cisco Unified Communications Manager contains two vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Exploitation of these vulnerabilities could cause an interruption of voice services.

Feb
28
2013
NAT Virtual Interface aka NVI, what is that?!
Nat-and-PAT-a-complete-explanation-pat-nat-overload

Not everyone knows that from IOS version 12.3(14)T, Cisco has introduced a new feature called NAT Virtual Interface; NVI removes the requirements to configure an interface as either NAT inside or NAT outside. An interface can be configured to use NAT or not use NAT. How to use NVI? It’s easy! You must use the command ‘ip nat source …’ without specifying the inside/outside tag and enable the nat to the interfaces using the command ‘ip nat enable’. For instance, if you use legacy statement:

Pages:«12345678...26»