Entries Tagged ‘DOS’

Aug.30, 2009: 3 new Cisco critical vulnerabilities

In the last 2 weeks, three new security advisories have been published by PSIRT: Cisco IOS XR Software Border Gateway Protocol Vulnerabilities, Cisco Unified Communications Manager Denial of Service Vulnerabilities and Firewall Services Module Crafted ICMP Message Vulnerability.
1) Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
Cisco IOS XR Software contains multiple vulnerabilities in the Border [...]

Jul.29, 2009: 2 new Cisco critical vulnerabilities

On July 29, 2009, the Cisco Product Security Incident Response Team (PSIRT) published 2 new vulnerability advisories.
1) Active Template Library (ATL) Vulnerability
Certain Cisco products that use Microsoft Active Template Libraries (ATL) and headers may be vulnerable to remote code execution. In some instances, the vulnerability may be exploited against Microsoft Internet Explorer to [...]

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

Multiple vulnerabilities exist in the Cisco Wireless LAN Controller (WLC) platforms. This security advisory outlines the details of the following vulnerabilities:

Malformed HTTP or HTTPS authentication response denial of service vulnerability
SSH connections denial of service vulnerability
Crafted HTTP or HTTPS request denial of service vulnerability
Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability

CoPP?! What is that?

Cisco Network Foundation Protection (NFP) is an umbrella strategy encompassing Cisco IOS Security features that provides the tools, technologies, and services that enable organizations to secure their network foundations. NFP helps to establish a methodical approach to protecting router planes, forming the foundation for continuous service delivery.
The router is typically segmented into three planes of [...]

Vulnerabilities in Unified Contact Center Express Administration Pages

On July 15, 2009, the PSIRT published a new security advisory concerning vulnerabilities in Unified Contact Center Express Administration Pages, which were reported to Cisco by National Australia Bank’s Security Assurance team.
Cisco Unified Contact Center Express (Cisco Unified CCX) server contains both a directory traversal vulnerability and a script injection vulnerability in the administration pages [...]

Jun.24, 2009: 2 new Cisco critical vulnerabilities

On June 24, 2009, the Cisco Product Security Incident Response Team (PSIRT) published 2 new vulnerability advisories.
1) Cisco Physical Access Gateway Denial of Service Vulnerability
A denial of service (DoS) vulnerability exists in the Cisco Physical Access Gateway. There are no workarounds available to mitigate the vulnerability. This vulnerability has been corrected in Cisco [...]

CiscoWorks TFTP Directory Traversal Vulnerability

CiscoWorks Common Services contains a vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.
Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.
Vulnerable Products
Products that have TFTP services enabled and that run CiscoWorks Common Services versions 3.0.x, 3.1.x, and 3.2.x [...]

Multiple Vulnerabilities in Cisco ASA / PIX security

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances.
Vulnerable Products
The following is a list of the products affected by each vulnerability as described in detail within this advisory.
VPN Authentication Bypass Vulnerability
Cisco ASA or Cisco PIX security appliances that are configured for IPsec or SSL-based remote access VPN [...]

Mar.25, 2009?! 8 new Cisco vulnerability advisories!

On March 25, 2009, the Cisco Product Security Incident Response Team (PSIRT) published 8 new vulnerability advisories. These are mainly denial of service (DoS) vulnerabilities.
 
1) Cisco IOS cTCP Denial of Service Vulnerability
A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers [...]

2 new Cisco critical vulnerabilities

On 4 March 2009 and on 11 March 2009, Cisco published two new security advisories describing vulnerabilities that can be exploited by malicious people to conduct a DoS attack or a remote control attack.
1) Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability
A denial of service (DoS) vulnerability exists in the Cisco Session Border Controller (SBC) for [...]