New User, Welcome!     Login

Next Page >>

available

Cisco Security Advisory: Cisco IOS Software Secure Copy Privilege Escalation Vulnerability

 Access Vector           - Network
 Access Complexity       - Low
 Authentication          - Single
 Confidentiality Impact  - Complete
 Integrity Impact        - Complete
 Availability Impact     - Complete

CVSS Temporal Score - 7.4

 Exploitability          - Functional
 Remediation Level       - Official-Fix

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         Partial
    Availability Impact -      Partial

CVSS Temporal Score - 5.3
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

CVSS Temporal Score - 6.4

Exploitability          - Functional
Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability

 Access Vector           - Network
 Access Complexity       - Low
 Authentication          - None
 Confidentiality Impact  - None
 Integrity Impact        - None
 Availability Impact     - Complete

CVSS Temporal Score - 6.4

 Exploitability          - Functional
 Remediation Level       - Official-Fix

Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - Complete
        Integrity Impact         - Complete
        Availability Impact      - Complete

CVSS Temporal Score - 8.3

        Exploitability           - Functional
        Remediation Level        - Official-Fix

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities

 Access Vector           - Network
 Access Complexity       - Low
 Authentication          - None
 Confidentiality Impact  - None
 Integrity Impact        - None
 Availability Impact     - Complete

CVSS Temporal Score - 6.4

 Exploitability          - Functional
 Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerability

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

CVSS Temporal Score - 6.4

Exploitability          - Functional
Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities

    Access Vector -            Adjacent Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 5.0
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

Access Vector           Network
Access Complexity       Low
Authentication          None
Confidentiality Impact  None
Integrity Impact        None
Availability Impact     Complete

CVSS Temporal Score - 6.4
Exploitability          Functional
Remediation Level       Official Fix
Report Confidence       Confirmed

Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Partial

CVSS Temporal Score - 4.8

Exploitability          - Functional
Remediation Level       - Unavailable

Cisco Security Advisory: Cisco IOS Software WebVPN and SSLVPN Vulnerabilities

 Access Vector           - Network
 Access Complexity       - Low
 Authentication          - None
 Confidentiality Impact  - None
 Integrity Impact        - None
 Availability Impact     - Complete

CVSS Temporal Score - 6.4

 Exploitability          - Functional
 Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

CVSS Temporal Score - 6.4

Exploitability          - Functional
Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability

Access Vector           Network
Access Complexity       Medium
Authentication          None
Confidentiality Impact  None
Integrity Impact        None
Availability Impact     Complete

CVSS Temporal Score - 5.9
Exploitability          Functional
Remediation Level       Official Fix
Report Confidence       Confirmed

Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

CVSS Temporal Score - 8.3
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

[security bulletin] HPSBPI02728 SSRT100692 rev.3 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default

Update the firmware to a version that implements code signing
Disable the Remote Firmware Update

The code signing feature verifies that firmware updates are properly signed. This will prevent the installation of invalid firmware updates.

Note: A firmware update may be required to allow the RFU to be disabled or to implement code signing. Code signing is not available on all the affected devices. Please refer to the following table.

Product
 Firmware Update Required to Allow Disabling RFU
 Firmware Update Required for Code Signing

Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

CVSS Temporal Score - 6.4

Exploitability          - Functional
Remediation Level       - Official-Fix

[security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default

Update the firmware to a version that implements code signing
Disable the Remote Firmware Update

The code signing feature verifies that firmware updates are properly signed. This will prevent the installation of invalid firmware updates.

Note: A firmware update may be required to allow the RFU to be disabled or to implement code signing. Code signing is not available on all the affected devices. Please refer to the following table.

Product
 Firmware Update Required to Allow Disabling RFU
 Firmware Update Required for Code Signing

Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS

  Access Complexity:      Low
  Authentication:         None

  Confidentiality Impact: None
  Integrity Impact:       None
  Availability Impact:    Complete

  CVSS Temporal Score - 6.4

  Exploitability:         Functional
  Remediation Level:      Official-Fix

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

Access Vector           Network
Access Complexity       Low
Authentication          None
Confidentiality Impact  None
Integrity Impact        None
Availability Impact     Complete

CVSS Temporal Score - 6.4
Exploitability          Functional
Remediation Level       Official Fix
Report Confidence       Confirmed

Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability

    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

CVSS Temporal Score - 6.4
    Exploitability -           Functional
    Remediation Level -        Official-Fix
    Report Confidence -        Confirmed

Multiple vulnerabilities in SiT! Support Incident Tracker

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform SQL injection, cross-site scripting, cross-site request forgery attacks.

1) Input passed via the "start" GET parameter to /portal/kb.php is not properly sanitised before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The following PoC code is available:

http://[host]/portal/kb.php?start=SQL_CODE_HERE

2) Input passed via the "contractid" GET parameter to contract_add_service.php is not properly sanitised before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

[security bulletin] HPSBPI02728 SSRT100692 rev.5 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default

Update the firmware to a version that implements code signing
Disable the Remote Firmware Update

The code signing feature verifies that firmware updates are properly signed. This will prevent the installation of invalid firmware updates.

Note: A firmware update may be required to allow the RFU to be disabled or to implement code signing. Code signing is not available on all the affected devices. Please refer to the following table.

Product
 Firmware Update Required to Allow Disabling RFU
 Firmware Update Required for Code Signing

Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

Memory Leak Vulnerability
+------------------------

CSCse56800 causes a memory leak in affected devices. The memory 
leak is caused by the processing of a specific type of valid SIP 
messages and may eventually disrupt the availability of all 
voice services, even if the Cisco IOS device is still running. 
This vulnerability has been assigned Common Vulnerabilities and
Exposures (CVE) ID CVE-2008-3799.

Device Reload Vulnerabilities

Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software

        Access Vector          - Network
        Access Complexity      - Low
        Authentication         - None
        Confidentiality Impact - None
        Integrity Impact       - None
        Availability Impact    - Complete

CVSS Temporal Score - 6.4

        Exploitability          - Functional
        Remediation Level       - Official-Fix

Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers

  Access Vector            - Network
  Access Complexity        - Low
  Authentication           - None
  Confidentiality Impact   - None
  Integrity Impact         - None
  Availability Impact      - Complete

  CVSS Temporal Score - 6.4

  Exploitability           - Functional
  Remediation Level        - Official-Fix
Next Page>>

Copyright © 1995-2013 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!