Browsing articles in "Security Advisory"
Jun
1
2011
May 2011: five Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Cisco Content Delivery System Internet Streamer: Web Server Vulnerability Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Cisco IOS XR Software IP Packet Vulnerability Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability Cisco IOS XR Software SSHv1 Denial of Service Vulnerability

May
2
2011
April 2011: two Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Multiple Vulnerabilities in Cisco Unified Communications Manager Cisco Wireless LAN Controllers Denial of Service Vulnerability Multiple Vulnerabilities in Cisco Unified Communications Manager Cisco Unified Communications Manager (previously known as Cisco CallManager) contains the following vulnerabilities: Three denial of service (DoS) vulnerabilities that affect Session Initiation Protocol (SIP) services Directory transversal vulnerability Two SQL injection vulnerabilities

Apr
5
2011
March 2011: two Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability Cisco Secure Access Control System Unauthorized Password Change Vulnerability Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability Cisco Network Admission Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software that may allow an unauthenticated user to access the protected network.

Mar
22
2011
March 2011 Bundled Publication Deferred
Cisco-vulnerabilities

Cisco PSIRT regularly discloses vulnerabilities in Cisco IOS Software on the fourth Wednesday in March and September via the Cisco IOS Security Advisory bundle. The next bundled disclosure was planned for Wednesday, March 23, 2011, but Cisco will defer this disclosure until the next scheduled Cisco IOS bundle on September 28, 2011.

Mar
1
2011
February 2011: nine Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published nine important vulnerability advisories: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Multiple Vulnerabilities in Cisco TelePresence Manager Multiple Vulnerabilities in Cisco TelePresence Recording Server Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Management Center for Cisco Security Agent Remote Code Execution Vulnerability Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints Multiple Cisco WebEx Player Vulnerabilities

Feb
3
2011
January 2011: one Cisco vulnerability
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory: Cisco Content Services Gateway Vulnerabilities Cisco Content Services Gateway Vulnerabilities A service policy bypass vulnerability exists in the Cisco Content Services Gateway – Second Generation (CSG2), which runs on the Cisco Service and Application Module for IP (SAMI). Under certain configurations this vulnerability could allow: Customers to access sites that would normally match a billing policy to be accessed without being charged to the end customer Customers to access sites that would normally be denied based on configured restriction policies

Jan
24
2011
Cisco 2010 Annual Security Report
Cisco-2010-Annual-Security-Report

The Cisco® Annual Security Report provides an overview of the combined security intelligence of the entire Cisco organization. The report encompasses threat information and trends collected between January and December 2010. It also provides a snapshot of the state of security for that period, with special attention paid to key security trends expected for 2011. In response to the last decade of cyber-exploits targeting PC operating systems, PC platform and application vendors have shored up security in their products and taken a more aggressive approach to patching vulnerabilities. As a result, scammers are finding it harder to exploit platforms that […]

Nov
3
2010
October 2010: one Cisco vulnerability
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability CiscoWorks Common Services Arbitrary Code Execution Vulnerability CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator.

Oct
2
2010
September 2010: seven Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published seven important vulnerability advisories: Cisco IOS Software H.323 Denial of Service Vulnerabilities Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities Cisco IOS SSL VPN Vulnerability Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Multiple Vulnerabilities in Cisco Wireless LAN Controllers

Sep
6
2010
July & August 2010: ten Cisco vulnerabilities
Cisco-vulnerabilities

The The Cisco Product Security Incident Response Team (PSIRT) has published ten important vulnerability advisories: Cisco IOS XR Software Border Gateway Protocol Vulnerability Cisco Unified Communications Manager Denial of Service Vulnerabilities Cisco Unified Presence Denial of Service Vulnerabilities Cisco IOS Software TCP Denial of Service Vulnerability Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine SQL Injection Vulnerability in Cisco Wireless Control System Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Multiple Vulnerabilities in Cisco Firewall Services Module CDS Internet Streamer: Web Server Directory Traversal Vulnerability Hard-Coded SNMP Community Names […]