Next Page >>
fixes
document:
NAT of SIP over TCP vulnerability: Crafted SIP packets on TCP port
5060 could cause unpredictable results, including the reload of the
vulnerable device. Translation of SIP over TCP packets will be disabled
by default with the fix for this vulnerability. This vulnerability is
documented in Cisco bug ID CSCso02147 and has been assigned Common
Vulnerabilities and Exposures CVE-2011-3276.
Provider edge Multiprotocol Label Switching (MPLS) NAT of SIP over UDP
packets DoS vulnerability: A malformed SIP packet on UDP 5060 that
Integrity Impact None
Availability Impact Complete
CVSS Temporal Score - 6.4
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
CSCtf91428 - NAT for H.323 DoS
CVSS Base Score - 7.8
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Integrity Impact None
Availability Impact Complete
CVSS Temporal Score - 6.4
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
CSCsz43987 - IOS coredump when sending crafted packets
CVSS Base Score - 7.8
Manager (SDM) as well as a direct HTTP session to Cisco IOS http
server. This vulnerability affects 12.1E based trains and all
Cisco IOS releases after 12.2(13)T.
These vulnerabilities are independent of each other. For a full
solution, download a Cisco IOS version that contains the fixes for
both Cisco bug IDs. These vulnerabilities have been assigned Common
Vulnerabilities and Exposures (CVE) identifier CVE-2008-3821.
Workaround
+---------
Integrity Impact None
Availability Impact Complete
CVSS Temporal Score - 5.9
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
Impact
======
* CSCsq60695 - ACE Module SNMPv3 HMAC Authentication issue
* CSCsq60582 - Nexus SNMPv3 HMAC Authentication issue
Note: Although multiple software defects are listed, this advisory
only identifies two vulnerabilities. Because different Cisco products
require their own fixes, additional Bug IDs have been assigned.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Advisories. The Advisories all affect Cisco's Internetwork Operating
System (IOS). Each Advisory lists the releases that correct the
vulnerability described in the Advisory, and the Advisories also
detail the releases that correct the vulnerabilities in all five
Advisories. Please reference the following software table to find a
release which fixes all published Security Advisories as of March
26th, 2008.
* March 26th bundled IOS Advisory Table
http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCsz48680
CVSS Base Score - 7.8
interface from receiving any additional traffic. The only exception
is Resource Reservation Protocol (RSVP) service, which if exploited,
will cause the device to crash. Only the interface on which the
vulnerability was exploited will be affected.
Cisco is providing fixed software to address this issue. There are
workarounds available to mitigate the effects of the vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 5.0
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCtj30155 ("ICMPv6 packet may cause MPLS configured device to
reload")
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
* CSCto68554 ("Cisco IOS Software Denial of Service when processing
specially crafted HTTP packets")
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 8.3
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Note: The March 26, 2008 publication includes five Security
Advisories. The Advisories all affect Cisco IOS. Each Advisory lists
the releases that correct the vulnerability described in the
Advisory, and the Advisories also detail the releases that correct
the vulnerabilities in all five Advisories. Please reference the
following software table to find a release that fixes all published
Security Advisories as of March 26th, 2008.
* March 26th bundled IOS Advisory Table
http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml
A device that is running Cisco IOS Software will be affected if it
is running a vulnerable version and if it is acting as a DNS server.
All Cisco IOS Software releases that support the DNS server
functionality and that have not had their DNS implementation
improved are affected. For information about specific fixed
versions, please refer to the Software Versions and Fixes section.
A device that is running Cisco IOS Software is configured to act
as a DNS server if the command "ip dns server" is present in the
configuration. This command is not enabled by default.
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Multiple vulnerabilities exist in the Session Initiation Protocol
(SIP) implementation in Cisco IOS that can be exploited remotely to
trigger a memory leak or to cause a reload of the IOS device.
Cisco has released free software updates that address these
vulnerabilities. Fixed Cisco IOS software listed in the Software
Versions and Fixes section contains fixes for all vulnerabilities
addressed in this advisory.
There are no workarounds available to mitigate the effects of any of
the vulnerabilities apart from disabling the protocol or feature
Availability Impact - Complete
CVSS Temporal Score - 7.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Integrity Impact None
Availability Impact Complete
CVSS Temporal Score - 6.4
Exploitability Functional
Remediation Level Official Fix
Report Confidence Confirmed
Impact
======
advisories. The advisories all address vulnerabilities in Cisco's
Internetwork Operating System (IOS) software. Each advisory lists the
releases that correct the vulnerability described in the advisory,
and also lists the releases that correct the vulnerabilities in the
other five advisories. Please reference the following software table
to find a release that fixes all published software advisories as of
March 26th, 2008:
* March 26th Bundled IOS Advisory Table
http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
CSCee72997 - P1 SA stuck in KEY_EXCH forever
CVSS Base Score - 7.8
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
Individual publication links are listed below:
filtering outbound SMB connections at the endpoint or network perimeter
may not prevent exploitation it is generally a good security measure to
prevent disclosure of sensitive information such as valid usernames of
endpoint users.
Microsoft has issued a patch to fix the vulnerability and a detailed
description of how to implement the workarounds on IE. It is available
as Security Bulletin http://go.microsoft.com/fwlink/?LinkID=150860.
Microsoft's Research and Defense blog has further discussion about the
vulnerability, workarounds and mitigations [3].
Next Page>>
|
