Next Page >>
IOS/XR
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS XR Software Border Gateway
Protocol Vulnerability
Advisory ID: cisco-sa-20100827-bgp
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Security Advisory: Cisco IOS XR
Software Border Gateway Protocol Vulnerability
Advisory ID: cisco-sa-20090818-bgp
http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS XR Software SSHv1 Denial of Service Vulnerability
Advisory ID: cisco-sa-20110525-iosxr-ssh
Revision 1.0
For Public Release 2011 May 25 1600 UTC (GMT)
Summary
=======
Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco
IOS XR Software version 4.1.0 contain a vulnerability that may cause
a network processor in a line card to lock up while processing an IP
version 4 (IPv4) packet. As a consequence of the network processor
lockup, the line card that is processing the offending packet will
automatically reload.
Hash: SHA256
Cisco Security Advisory: Cisco XR 12000 Series Shared Port Adapters
Interface Processor Vulnerability
Advisory ID: cisco-sa-20110525-iosxrspa
Revision 1.0
For Public Release 2011 May 25 1600 UTC (GMT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service
Vulnerability
Advisory ID: cisco-sa-20100120-xr-ssh
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS XR Software IP Packet
Vulnerability
Advisory ID: cisco-sa-20110525-iosxr
Revision 1.0
+------------------
The following Cisco products are vulnerable.
* Cisco IOS
* Cisco IOS-XR
* Cisco Catalyst Operating System (CatOS)
* Cisco NX-OS
* Cisco Application Control Engine (ACE) Module
* Cisco ACE Appliance
* Cisco ACE XML Gateway
Devices that are not configured for MPLS are not vulnerable.
The following products have been confirmed not to be affected by
these vulnerabilities:
* Cisco IOS XR Software
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS XR Software is not affected by this vulnerability.
Cisco IOS XE Software is not affected by this vulnerability.
No other Cisco products are currently known to be affected by this
vulnerability.
* Virtual Firewall (VFW) application on the multiservice blade
(MSB) on the Cisco XR 12000 Series Router
* Cisco ACE Application Control Engine Module
* Cisco IOS devices configured with legacy Cisco IOS Firewall
Support
* Cisco IOS XR Software
* Cisco IOS XE Software
* Cisco IPS Appliances
* Cisco Catalyst 6500 Series ASA Services Module
* Content Based Access Control (CBAC)
http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS XR Software is not affected by this vulnerability.
Cisco IOS XE Software is not affected by this vulnerability.
No other Cisco products are currently known to be affected by this
vulnerability.
Cisco IOS devices not explicitly configured for NAT are not
vulnerable.
Cisco IOS XE Software is not affected by these vulnerabilities.
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
+--------------------------------
The following products are not affected by this vulnerability:
* Cisco ASA 5500 Series Adaptive Security Appliances
* Cisco IOS XR Software
* Cisco IOS XE Software
No other Cisco products are currently known to be affected by this
vulnerability.
The SIP application layer gateway (ALG), which is used by the Cisco
IOS Network Address Translation (NAT) and firewall features of Cisco
IOS Software, is not affected by these vulnerabilities.
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by this
vulnerability. Cisco IOS XR Software is not affected by this
vulnerability.
The IGMP version 1, IGMP version 2, and IPv6 Multicast Listener
Discovery protocol (MLD) features in Cisco IOS and Cisco IOS XE
Software are not affected by this vulnerability.
http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS XR Software and Cisco IOS XE Software are not affected by
this vulnerability.
No other Cisco products are currently known to be affected by this
vulnerability.
The SIP Application Layer Gateway (ALG), which is used by the Cisco
IOS NAT and firewall features of Cisco IOS Software, is not affected
by these vulnerabilities.
Cisco IOS XR Software is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
+--------------------------------
The following Cisco products are confirmed not vulnerable:
* Cisco IOS Software not explicitly mentioned in this Advisory
* Cisco IOS XR Software
* Cisco IOS NX-OS
No other Cisco products are currently known to be affected by this
vulnerability.
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 Release Notes, Cisco IOS XE 3S Release Notes, and
Cisco IOS XE 3SG Release Notes.
Cisco IOS XR Software
+--------------------
Cisco IOS XR Software is not affected by any of the vulnerabilities
in the September 2011 bundled publication.
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 Release Notes, Cisco IOS XE 3S Release Notes, and
Cisco IOS XE 3SG Release Notes.
Cisco IOS XR Software
+--------------------
Cisco IOS XR Software is not affected by any of the vulnerabilities
in the September 2011 bundled publication.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
Advisory ID: cisco-sa-20120530-iosxr
Revision 2.0
For Public Release 2012 August 15 16:00 UTC (GMT)
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 Release Notes, Cisco IOS XE 3S Release Notes, and
Cisco IOS XE 3SG Release Notes.
Cisco IOS XR Software
+--------------------
Cisco IOS XR Software is not affected by any of the vulnerabilities
in the September 2011 bundled publication.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco IOS XR Software Route Processor Denial of Service Vulnerability
Advisory ID: cisco-sa-20120530-iosxr
Revision 1.0
For Public Release 2012 May 30 16:00 UTC (GMT)
+--------------------------------
* Devices that are running Cisco IOS versions that are not
explicitly listed in the software table below as vulnerable, are
not affected.
* Cisco IOS XR is not affected.
* Cisco IOS XE is not affected.
No other Cisco products are currently known to be affected by this
vulnerability.
Cisco devices that do not run IOS are not affected.
Cisco IOS devices that do not have the SSH server feature enabled are
not affected.
IOS-XR images are not affected.
The following IOS release trains are not affected:
* 10-based releases
* 11-based releases
http://www.cisco.com/warp/public/620/1.html
Products Confirmed Not Vulnerable
+--------------------------------
Cisco IOS XR Software is not affected by this vulnerability.
No other Cisco products are currently known to be affected by this
vulnerability.
Details
+--------------------------------
Cisco IOS devices that are configured for Survivable Remote Site
Telephony (SRST) Mode are not affected.
Cisco IOS XR is not affected.
Cisco IOS XE is not affected.
Cisco Unified Communications Manager is not affected.
* Cisco Fabric Manager
* Cisco Identity Services Engine
* Cisco Intercompany Media Engine
* Cisco IOS Software
* Cisco IOS XE Software
* Cisco IOS XR Software
* Cisco IP Interoperability and Collaboration System (IPICS)
* Cisco Unified IP Phones
* Cisco MDS 9000 NX-OS Software releases 4.2.x or later (prior
versions are affected)
* Cisco NX-OS Software for Nexus 7000 Series Switches releases
Devices running Cisco IOS software versions that do not include MFI
are not vulnerable.
Devices that are not configured for MPLS are not vulnerable.
Devices that are running Cisco IOS XR software are not vulnerable.
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
Next Page>>
|
