<< Previous Next >>
fixes
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
III Post-Mortem
====================================================
1 Vendor Reaction
____________________________________________________
FluxBB reacted on the same day, commiting a fix with credit on April 30th.
MyBB reacted within a day, releasing a fixed version on May 3rd.
Credit was given.
Phorum reacted after the reminder on May 8th. A fix was released on
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsw24700 - SSLVPN sessions cause a memory leak in the device.
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCso05337 - HA: Input queue wedged by ICMP packet
CVSS Base Score - 7.1
from lack of proper consistency checks for the stated Length and the
corresponding Value in several record Types.
As an specific example for records of type SRANGE (0x001b) which can
specify arbitrary lengths of data that the library attempt to copy in to a
fixed length buffer in the stack is shown in following disassembled code:
.text:02A87FD4 cmp eax, 1Bh
.text:02A87FD7 jz loc_2A881C9
...
.text:02A881DC lea eax, [ebp+szVulnerableBuffer]
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
These vulnerabilities affect only devices running Cisco IOS and
Cisco IOS XE Software (here after both referred to as simply Cisco
IOS) with support for RFC4893 and that have been configured for
BGP routing.
The software table in the section "Software Versions and Fixes" of
this advisory indicates all affected Cisco IOS Software versions that
have support for RFC4893 and are affected by this vulnerability.
A Cisco IOS software version that has support for RFC4893 will allow
configuration of AS numbers using 4 Bytes. The following example
. CitectFacilities v7
*Non-vulnerable Packages*
. Contact the vendor for fixed versions of the product.
*Vendor Information, Solutions and Workarounds*
In general process control networks should be physically isolated from
encryption-capable images, which contain either k8 or k9 in the image
name, are not vulnerable. If a device is running an encryption-capable
image, the existence of the "ip scp server enable" command in the
configuration will determine whether the device is affected.
Please consult the table of fixed software in the Software Version and
Fixes section for the specific 12.2-based IOS releases that are
affected.
To determine the software running on a Cisco product, log in to the
device and issue the "show version" command to display the system banner.
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
Affected Products
=================
The service policy bypass vulnerability affects all versions of the
Cisco IOS Software for the CSG2 prior to the first fixed release, as
indicated in the "Software Versions and Fixes" section of this advisory.
The two denial of service vulnerabilities only affect Cisco IOS Software
Release 12.4(24)MD1 on the Cisco CSG2. No other Cisco IOS Software
releases are affected.
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_basic_sys_manage.html#wp1001170
This vulnerability is documented in the following Cisco Bug IDs:
CSCsu24505 and CSCsv75948 and has been assigned the Common Vulnerabilities
and Exposures (CVE) identifier CVE-2009-2869. Both Cisco bug IDs are
required for a full fix to this vulnerability.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
For more information about SSH versions in IOS, please check the
following URL:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_ssh2.html
The SSH server is not available in all IOS images. Devices that do
not support SSH are not vulnerable. Please consult the table of fixed
software in the Software Version and Fixes section for the specific
12.4-based IOS releases that are affected.
To determine the software running on a Cisco product, log in to the
device and issue the show version command to display the system
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
Note: The March 26, 2008 publication includes five Security
Advisories. The Advisories all affect Cisco IOS. Each Advisory lists
the releases that correct the vulnerability described in the
Advisory, and the Advisories also detail the releases that correct
the vulnerabilities in all five Advisories. Please reference the
following software table to find a release which fixes all published
Security Advisories as of March 26th, 2008.
* March 26th bundled IOS Advisory Table
http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml
| | 5.0.01.0600 | |
+----------------------------------------------------------------+
Note: The VPN Client for Windows software is distributed as both a
Microsoft Installer (MSI) package and an InstallShield (IS) package. Only
the MSI package for version 5.0.01.0600 of the VPN Client contains the fix
for the "Local Privilege Escalation Through Default cvpnd.exe File
Permissions" vulnerability. The IS package does not contain the fix for
that vulnerability and has been removed from http://www.cisco.com.
Customers who have downloaded and installed the IS package for version
5.0.01.0600 of the VPN Client will need to apply the workaround listed in
Problem Description:
This is a maintenance and security update that upgrades php to 5.3.3
for 2010.0/2010.1.
Security Enhancements and Fixes in PHP 5.3.3:
* Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
* Fixed a possible resource destruction issues in shm_put_var().
* Fixed a possible information leak because of interruption of
content's source.
8.2. *Dynamic OBJECT tag vulnerability*
Microsoft's June 2009 Cumulative Security Update for Internet Explorer
[8] included a patch to fix the bug reported in CORE-2008-0826. The fix
was implemented as a modification to the MIME-type detection method when
loading content specified in an 'OBJECT' tag. Thus, the contents of the
index.dat file will not be rendered and shown to an Internet Explorer
user if it is directly referenced from a webpage with the following HTML
code:
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS^ software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
Manager is automatically upgraded to the latest version. There is a
manual workaround available for users who are not able to connect to
the WebEx meeting service.
Cisco WebEx is in the process of upgrading the meeting service
infrastructure with fixed versions of the affected file.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml
Long history:
Some days ago, after the release of Oracle Critical Patch Update April
2012, a friend of mine told me that Oracle gave me credit in the
"Security-In-Depth" program for a vulnerability they fixed. After this,
I asked both Oracle and iSightPartners (the company I sold the
vulnerability in 2008) for information about the vulnerability they
fixed in this CPU. Oracle told us that the vulnerability with tracking
id #13793589 (the TNS poison vulnerability) was the one fixed.
Integrity Impact Complete
Availability Impact Complete
CVSS Temporal Score - 8.3
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
CSCtb83607 - Privilege escalation possible over HTTP protocol
CVSS Base Score - 9
Access Vector Network
CA's support is alerting customers to multiple security risks
associated with CA Anti-Virus Engine. Vulnerabilities exist in
the arclib component that can allow a remote attacker to cause a
denial of service, or to cause heap corruption and potentially
further compromise a system. CA has issued fixes to address the
vulnerabilities.
The first vulnerability, CVE-2009-3587, is due to improper
handling of a specially crafted RAR archive file by the CA
Anti-Virus engine arclib component. An attacker can create a
Availability Impact - none
CVSS Temporal Score - 3.6
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Affected Products
=================
This vulnerability affects a limited number of Cisco IOS Software
releases. Consult the "Software Versions and Fixes" section of this
advisory for the details of affected releases.
Only devices that are configured with Cisco IOS Zone-Based Policy
Firewall SIP inspection (UDP port 5060, TCP ports 5060, and 5061) are
vulnerable. Cisco IOS devices that are configured with legacy Cisco
<<Previous Next>>
|
