Next Page >>
contains
Summary
=======
Cisco Unified Communications Manager, formerly Cisco CallManager,
contains multiple denial of service (DoS) vulnerabilities that may
cause an interruption in voice services, if exploited. These
vulnerabilities were discovered internally by Cisco. The following
Cisco Unified Communications Manager services are affected:
* Certificate Trust List (CTL) Provider
Summary
=======
Cisco Unified Communications Manager, formerly Cisco CallManager,
contains multiple denial of service (DoS) vulnerabilities that may
cause an interruption in voice services, if exploited. These
vulnerabilities were discovered internally by Cisco. The following
Cisco Unified Communications Manager services are affected:
* Certificate Trust List (CTL) Provider
--------
ESXi500-201205001
md5sum: 4a1de58656980271d79a32107cba75cf
sha1sum: 5f23b318df3476002877c37f2970093dc2217d75
http://kb.vmware.com/kb/2019857
ESXi500-201205001 contains ESXi500-201205401-SG
ESXi 4.1
--------
ESXi410-201205001
md5sum: 5a37d83fc2a96483c94b3087387b3e9c
Summary
=======
Cisco Unified Communications Manager (CUCM), formerly Cisco
CallManager, contains a denial of service (DoS) vulnerability in the
Computer Telephony Integration (CTI) Manager service that may cause
an interruption in voice services and an authentication bypass
vulnerability in the Real-Time Information Server (RIS) Data
Collector that may expose information that is useful for
reconnaissance.
+--------------------------------------------------------------------
Summary
=======
Cisco Unified IP Phone models contain multiple overflow and denial of
service (DoS) vulnerabilities. There are workarounds for several of
these vulnerabilities. Cisco has made free software available to
address this issue for affected customers.
This advisory is posted at:
Vulnerable Products
+------------------
Cisco ASA 5500 Series Adaptive Security Appliances that are running
one of the following versions contain the affected ActiveX component:
+---------------------------------------------------------------+
|Affected Version |Affected Release|
|----------------------------------------------+----------------|
| Cisco Adaptive Security Appliance Software |7.1 |
+---------------------------------------------------------------------
Summary
=======
Cisco Unified Communications Manager, formerly CallManager, contains
a privilege escalation vulnerability in the IP Phone Personal Address
Book (PAB) Synchronizer feature that may allow an attacker to gain
complete administrative access to a vulnerable Cisco Unified
Communications Manager system. If Cisco Unified Communications
Manager is integrated with an external directory service, it may be
Summary
=======
Recent versions of Cisco IOS Software support RFC4893 ("BGP Support
for Four-octet AS Number Space") and contain two remote denial of
service (DoS) vulnerabilities when handling specific Border Gateway
Protocol (BGP) updates.
These vulnerabilities affect only devices running Cisco IOS Software
with support for four-octet AS number space (here after referred to as
For Public Release 2008 March 26 1600 UTC (GMT)
Summary
=======
Cisco IOS contains multiple vulnerabilities in the Data-link
Switching (DLSw) feature that may result in a reload or memory leaks
when processing specially crafted UDP or IP Protocol 91 packets.
Cisco has released free software updates that address these
vulnerabilities. Workarounds are available to mitigate the effects of
Summary
=======
Cisco Unified Communications Manager, formerly Cisco Unified
CallManager, contains two denial of service (DoS) vulnerabilities in
the Session Initiation Protocol (SIP) service. An exploit of these
vulnerabilities may cause an interruption in voice services.
Cisco will release free software updates that address these
vulnerabilities and this advisory will be updated as fixed software
| | 5.0.01.0600 | |
+----------------------------------------------------------------+
Note: The VPN Client for Windows software is distributed as both a
Microsoft Installer (MSI) package and an InstallShield (IS) package. Only
the MSI package for version 5.0.01.0600 of the VPN Client contains the fix
for the "Local Privilege Escalation Through Default cvpnd.exe File
Permissions" vulnerability. The IS package does not contain the fix for
that vulnerability and has been removed from http://www.cisco.com.
Customers who have downloaded and installed the IS package for version
5.0.01.0600 of the VPN Client will need to apply the workaround listed in
== Details ==
1. In a PE file, the IMAGE_IMPORT_DESCRIPTOR contains fields named
OriginalFirstThunk and FirstThunk. Both of them point to an array of
IMAGE_THUNK_DATA structures. The structure may contain an RVA address
of the name of the imported function. If this pointer to the name of
the function is invalid, Fileinfo raises an Access Violation
exception, which being unhandled, causes Denial of Service condition.
Summary
=======
The Cisco ACE Application Control Engine Module and Cisco ACE 4710
Application Control Engine contain the following DoS vulnerabilities:
* Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability
* HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS
vulnerability
* Secure Socket Layer (SSL) DoS vulnerability
+---------------------------------------------------------------------
Summary
=======
Cisco Unity Connection contains two vulnerabilities:
* Cisco Unity Connection Privilege Escalation Vulnerability
* Cisco Unity Connection Denial of Service Vulnerability
3. Problem Description
a. VMware Tools Display Driver Privilege Escalation
The VMware XPDM and WDDM display drivers contain buffer overflow
vulnerabilities and the XPDM display driver does not properly
check for NULL pointers. Exploitation of these issues may lead
to local privilege escalation on Windows-based Guest Operating
Systems.
- ---------------------------------------------------------------------
Summary
=======
Cisco IOS software contains two vulnerabilities within the Cisco IOS
WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely
exploited without authentication to cause a denial of service
condition. Both vulnerabilities affect both Cisco IOS WebVPN and
Cisco IOS SSLVPN features:
Summary
=======
Cisco Unified Communications Manager, formerly Cisco CallManager,
contains a denial of service (DoS) vulnerability in the Certificate
Authority Proxy Function (CAPF) service. Exploitation of this
vulnerability could cause an interruption in voice services. The CAPF
service is disabled by default.
Cisco has released free software updates that address this
+---------------------------------------------------------------------
Summary
=======
Cisco IOS® Software contains a vulnerability that could allow an
attacker to cause a Cisco IOS device to reload by remotely sending a
crafted encryption packet.
Cisco has released free software updates that address this
vulnerability.
Summary
=======
Cisco Intrusion Prevention System (IPS) platforms that have gigabit
network interfaces installed and are deployed in inline mode contain
a denial of service vulnerability in the handling of jumbo Ethernet
frames. This vulnerability may lead to a kernel panic that requires a
power cycle to recover platform operation. Platforms deployed in
promiscuous mode only or that do not contain gigabit network
interfaces are not vulnerable.
Cisco ASA UDP Inspection Engine Denial of Service Vulnerability
+--------------------------------------------------------------
The Cisco ASA UDP inspection engine that is used to inspect UDP-based
protocols contains a vulnerability that could allow a remote
unauthenticated attacker to trigger a reload of the Cisco ASA.
All UDP protocols that are being inspected by the Cisco ASA UDP
inspection engine may be vulnerable. The following protocols are known
to use the Cisco ASA UDP inspection engine:
address. Only the MGCP for gateway application (MGCP traffic on UDP port
2427) is affected.
To determine whether MGCP inspection is configured on the PIX or ASA,
log in to the device and issue the CLI command "show service-policy
| include mgcp". If the output contains the text "Inspect: mgcp" and
some statistics, then the device has a vulnerable configuration. The
following example shows a vulnerable Cisco ASA Security Appliance:
ASA# show service-policy | include mgcp
Inspect: mgcp, packet 15, drop 0, reset-drop 0
Summary
=======
Cisco Small Business (SRP 500) Series Services Ready Platforms
contain the following three vulnerabilities:
* Cisco SRP 500 Series Web Interface Command Injection
Vulnerability
* Cisco SRP 500 Series Unauthenticated Configuration Upload
Vulnerability
+---------------------------------------------------------------------
Summary
=======
Cisco Unified Communications Manager (formerly CallManager) contains
multiple denial of service (DoS) vulnerabilities that if exploited
could cause an interruption to voice services. The Session Initiation
Protocol (SIP) and Skinny Client Control Protocol (SCCP) services are
affected by these vulnerabilities.
or via a compromised e-mail account.
IronPort Encryption Appliance Administration Interface Vulnerabilities
+---------------------------------------------------------------------
IronPort Encryption Appliance devices contain two vulnerabilities
that could allow unauthorized users to gain access to the IronPort
Encryption Appliance administration interface and modify other users'
settings. These vulnerabilities do not affect Cisco Registered
Envelope Service users.
2. Problem description and Impact
=================================
Moxie Marlinspike demonstrated in July 2009 that some CAs would sign
certificates that contain embedded NUL characters in the Common Name or
subjectAltName fields of ITU-T X.509 certificates.
Applications that would treat such X.509 strings as NUL-terminated C
strings (rather than strings that contain an explicit length field)
would only check the part up to and excluding the NUL character, so that
packets.
Note: Only packets destined to the device (not transiting the
device) may trigger the effects of this vulnerability.
The following list contains some of the applications within the Cisco
ASA and Cisco PIX devices that use TLS:
* Clientless WebVPN, SSL VPN Client, and AnyConnect Connections
* ASDM (HTTPS) Management Sessions
* Cut-Through Proxy for Network Access
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2010-0566.
Crafted IKE Message Denial of Service Vulnerability
+--------------------------------------------------
Cisco ASA 5500 Series Adaptive Security Appliances contain a
vulnerability that may cause all IPsec tunnels terminating on
the appliance to be torn down and prevent new tunnels from being
established. The tunnels are not torn down immediately; IPsec traffic
will continue to flow until the next rekey, at which time the rekey
will fail and the tunnels will be torn down. Both site-to-site and
Summary
=======
Cisco Unified Communications Manager (formerly Cisco CallManager)
contains multiple denial of service (DoS) vulnerabilities that if
exploited could cause an interruption of voice services. The Session
Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and
Computer Telephony Integration (CTI) Manager services are affected by
these vulnerabilities.
traits_info trait[trait_count]
}
The value of the intrf_count field is the number of entries in the
interface array.
The interface array contains indices into the multiname array of the
constant pool;
the referenced names specify the interfaces implemented by this class.
Vulnerability:
Summary
=======
The server side of the Secure Copy (SCP) implementation in Cisco IOS
software contains a vulnerability that could allow authenticated
users with an attached command-line interface (CLI) view to transfer
files to and from a Cisco IOS device that is configured to be an SCP
server, regardless of what users are authorized to do, per the CLI
view configuration. This vulnerability could allow valid users to
retrieve or write to any file on the device's file system, including
Next Page>>
|
