obtain

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

|------------+-----------------------+-----------------------|
|            |                       | Vulnerable; contact   |
|            |                       | your support          |
|            | Vulnerable; first     | organization per the  |
| 12.2EWA    | fixed in Release      | instructions in the   |
|            | 12.2SG                | Obtaining Fixed       |
|            |                       | Software section of   |
|            |                       | this advisory.        |
|------------+-----------------------+-----------------------|
| 12.2EX     | 12.2(55)EX            | 12.2(55)EX3           |
|------------+-----------------------+-----------------------|

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

|            |                          | in 12.4T                  |
|------------+--------------------------+---------------------------|
|            |                          | Vulnerable; Contact your  |
|            |                          | support organization per  |
| 12.1YI     | Not Vulnerable           | the instructions in       |
|            |                          | Obtaining Fixed Software  |
|            |                          | section of this advisory  |
|------------+--------------------------+---------------------------|
| 12.1YJ     | Not Vulnerable           | Not Vulnerable            |
|------------+--------------------------+---------------------------|
|  Affected  |                          |  First Fixed Release for  |

Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability

|------------+-----------------------+-----------------------|
|            |                       | Vulnerable; contact   |
|            |                       | your support          |
|            |                       | organization per the  |
| 12.2EWA    | Not vulnerable        | instructions in the   |
|            |                       | Obtaining Fixed       |
|            |                       | Software section of   |
|            |                       | this advisory.        |
|------------+-----------------------+-----------------------|
| 12.2EX     | Not vulnerable        | 12.2(55)EX3           |
|------------+-----------------------+-----------------------|

Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability

|            |                           | in 12.2SRC               |
|------------+---------------------------+--------------------------|
|            |                           | Vulnerable; Contact your |
|            |                           | support organization per |
| 12.2IRC    | Not Vulnerable            | the instructions in      |
|            |                           | Obtaining Fixed Software |
|            |                           | section of this advisory |
|------------+---------------------------+--------------------------|
|            |                           | Vulnerable; Contact your |
|            |                           | support organization per |
| 12.2IRD    | Not Vulnerable            | the instructions in      |

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

| 12.2CY     | Not Vulnerable           | Not Vulnerable            |
|------------+--------------------------+---------------------------|
|            |                          | Vulnerable; Contact your  |
|            |                          | support organization per  |
| 12.2CZ     | Not Vulnerable           | the instructions in       |
|            |                          | Obtaining Fixed Software  |
|            |                          | section of this advisory  |
|------------+--------------------------+---------------------------|
| 12.2DA     | Not Vulnerable           | Not Vulnerable            |
|------------+--------------------------+---------------------------|
| 12.2DD     | Not Vulnerable           | Vulnerable; first fixed   |

Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability

| 12.2CY     | Not Vulnerable           | Not Vulnerable            |
|------------+--------------------------+---------------------------|
|            |                          | Vulnerable; Contact your  |
|            |                          | support organization per  |
| 12.2CZ     | Not Vulnerable           | the instructions in       |
|            |                          | Obtaining Fixed Software  |
|            |                          | section of this advisory  |
|------------+--------------------------+---------------------------|
| 12.2DA     | Not Vulnerable           | Not Vulnerable            |
|------------+--------------------------+---------------------------|
| 12.2DD     | Not Vulnerable           | Vulnerable; first fixed   |

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

|------------+-----------------------+-----------------------|
|            |                       | Vulnerable; contact   |
|            |                       | your support          |
|            |                       | organization per the  |
| 12.2EWA    | Not vulnerable        | instructions in the   |
|            |                       | Obtaining Fixed       |
|            |                       | Software section of   |
|            |                       | this advisory.        |
|------------+-----------------------+-----------------------|
| 12.2EX     | Not vulnerable        | 12.2(55)EX3           |
|------------+-----------------------+-----------------------|

Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability

|            |                    | are not vulnerable.      |
|------------+--------------------+--------------------------|
|            |                    | Vulnerable; contact your |
|            |                    | support organization per |
| 12.2EWA    | Not vulnerable     | the instructions in      |
|            |                    | Obtaining Fixed Software |
|            |                    | section of this          |
|            |                    | advisory.                |
|------------+--------------------+--------------------------|
| 12.2EX     | Not vulnerable     | 12.2(55)EX3              |
|------------+--------------------+--------------------------|

Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities

|------------+-----------------------+-----------------------|
|            |                       | Vulnerable; contact   |
|            |                       | your support          |
|            |                       | organization per the  |
| 12.2EWA    | Not vulnerable        | instructions in the   |
|            |                       | Obtaining Fixed       |
|            |                       | Software section of   |
|            |                       | this advisory.        |
|------------+-----------------------+-----------------------|
| 12.2EX     | Not vulnerable        | 12.2(55)EX3           |
|------------+-----------------------+-----------------------|

Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability

|            |                  | not vulnerable.            |
|------------+------------------+----------------------------|
|            |                  | Vulnerable; contact your   |
|            |                  | support organization per   |
| 12.2EWA    | Not vulnerable   | the instructions in the    |
|            |                  | Obtaining Fixed Software   |
|            |                  | section of this advisory.  |
|------------+------------------+----------------------------|
| 12.2EX     | Not vulnerable   | 12.2(55)EX3                |
|------------+------------------+----------------------------|
| 12.2EY     | Not vulnerable   | 12.2(58)EY                 |

Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities

| 12.2EW     | vulnerable   | 12.2(20)EW4 are not            |
|            |              | vulnerable.                    |
|------------+--------------+--------------------------------|
|            |              | Vulnerable; contact your       |
|            | Not          | support organization per the   |
| 12.2EWA    | vulnerable   | instructions in the Obtaining  |
|            |              | Fixed Software section of this |
|            |              | advisory.                      |
|------------+--------------+--------------------------------|
| 12.2EX     | Not          | 12.2(55)EX3                    |
|            | vulnerable   |                                |

Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability

|            |                | vulnerable.                  |
|------------+----------------+------------------------------|
|            |                | Vulnerable; contact your     |
|            |                | support organization per the |
| 12.2EWA    | Not vulnerable | instructions in the          |
|            |                | Obtaining Fixed Software     |
|            |                | section of this advisory.    |
|------------+----------------+------------------------------|
| 12.2EX     | 12.2(55)EX3    | 12.2(55)EX3                  |
|------------+----------------+------------------------------|
| 12.2EY     | 12.2(58)EY     | 12.2(58)EY                   |

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

|            |                           | later are not vulnerable |
|------------+---------------------------+--------------------------|
|            |                           | Vulnerable; Contact your |
|            |                           | support organization per |
| 12.3JEC    | Not Vulnerable            | the instructions in      |
|            |                           | Obtaining Fixed Software |
|            |                           | section of this advisory |
|------------+---------------------------+--------------------------|
|            |                           | Vulnerable; Contact your |
|            |                           | support organization per |
| 12.3JED    | Not Vulnerable            | the instructions in      |

Cisco Security Advisory: Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability

|            |                           | 15.0(1)M1                 |
|------------+---------------------------+---------------------------|
|            | Vulnerable; Contact your  | Vulnerable; Contact your  |
|            | support organization per  | support organization per  |
| 12.4GC     | the instructions in       | the instructions in       |
|            | Obtaining Fixed Software  | Obtaining Fixed Software  |
|            | section of this advisory  | section of this advisory  |
|------------+---------------------------+---------------------------|
|            |                           | Vulnerable; Contact your  |
|            |                           | support organization per  |
| 12.4JA     | Not Vulnerable            | the instructions in       |

Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerability

|------------+---------------------------------------+--------------|
| 12.2YG     | Not Vulnerable                        |              |
|------------+---------------------------------------+--------------|
|            | Vulnerable; Contact your support      |              |
| 12.2YH     | organization per the instructions in  |              |
|            | Obtaining Fixed Software section of   |              |
|            | this advisory                         |              |
|------------+---------------------------------------+--------------|
|            | Vulnerable; Contact your support      |              |
| 12.2YJ     | organization per the instructions in  |              |
|            | Obtaining Fixed Software section of   |              |

[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues

    can cause an integer overflow resulting in a denial of service.

CVE-2010-3296

    Dan Rosenberg discovered an issue in the cxgb network driver that allows
    unprivileged users to obtain the contents of sensitive kernel memory.

CVE-2010-3297

    Dan Rosenberg discovered an issue in the eql network driver that allows
    local users to obtain the contents of sensitive kernel memory.

ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)

Recommendation:

We strongly recommend that RSA customers should obtain the following hot fixes:

RSA AAOP 6.0.2.1 SP1 Patch 2 customers should obtain Hotfix 430 from SecurCare Online.
RSA AAOP 6.0.2.1 SP1 Patch 3 customers should obtain Hotfix 130 from SecurCare Online.
RSA AAOP 6.0.2.1 SP2 customers should obtain Hotfix 360 from SecurCare Online.
RSA AAOP 6.0.2.1 SP2 Patch 1 customers should obtain Hotfix 140 from SecurCare Online.

ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise)

Recommendation:

We strongly recommend that RSA customers should obtain the following security fixes:

RSA AAOP 6.0.2.1 SP1 Patch 2 customers should obtain 6.0.2.1 SP1 P2 HF460 from SecurCare Online.
RSA AAOP 6.0.2.1 SP1 Patch 3 customers should obtain 6.0.2.1 SP1 P3 HF170 from SecurCare Online.
RSA AAOP 6.0.2.1 SP2 customers should obtain 6.0.2.1 SP2 HF390 from SecurCare Online.
RSA AAOP 6.0.2.1 SP2 Patch 1 customers should obtain 6.0.2.1 SP2 P1 HF210 from SecurCare Online.

[SECURITY] [DSA 2240-1] linux-2.6 security update

Exposures project identifies the following problems:

CVE-2010-3875

    Vasiliy Kulikov discovered an issue in the Linux implementation of the
    Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to
    sensitive kernel memory.

CVE-2011-0695

    Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can

[SECURITY] [DSA 2264-1] linux-2.6 security update

    malicious redirects.

CVE-2010-3875

    Vasiliy Kulikov discovered an issue in the Linux implementation of the
    Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to
    sensitive kernel memory.

CVE-2010-4075

    Dan Rosenberg reported an issue in the tty layer that may allow local

Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability

| 12.4XK     | Not Vulnerable       | Vulnerable; first fixed in    |
|            |                      | 12.4T                         |
|------------+----------------------+-------------------------------|
|            |                      | Vulnerable; Contact your      |
|            |                      | support organization per the  |
| 12.4XL     | Not Vulnerable       | instructions in Obtaining     |
|            |                      | Fixed Software section of     |
|            |                      | this advisory                 |
|------------+----------------------+-------------------------------|
| 12.4XM     | Not Vulnerable       | Vulnerable; first fixed in    |
|            |                      | 12.4T                         |

ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication (On-Premise) Flash File Security Patch

Recommendation:

We strongly recommend that all customers follow these remediation steps:

RSA AAOP 5.7.x customers should obtain hot fix 110 from RSA SecurCare® Online.
RSA AAOP 6.x customers should obtain hot fix 40 from RSA SecurCare® Online.
RSA AAOP customers who are still on 2.x versions should contact Support for remediation assistance.




Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability

The Cisco IP Phone Personal Address Book (PAB) Synchronizer feature
of Cisco Unified Communications Manager allows users to keep their
Cisco Unified Communications Manager address book synchronized with
their Microsoft Windows address book. The IP Phone PAB Synchronizer
feature contains a privilege escalation vulnerability that may allow
an attacker to obtain complete administrative access to a vulnerable
Cisco Unified Communications Manager system. After an IP Phone PAB
Synchronizer client successfully authenticates to a Cisco Unified
Communications Manager device over a HTTPS connection, the Cisco
Unified Communications Manager returns credentials for a user account
that is used to manage the Cisco Unified Communications Manager

Cisco Security Advisory: Cisco Application Extension Platform Privilege Escalation Vulnerability

Summary
=======

The Cisco Application Extension Platform contains a privilege escalation
vulnerability in the tech support diagnostic shell that may allow an
authenticated user to obtain administrative access to a vulnerable Cisco
Application Extension Platform module. Cisco has released free software updates
that address this vulnerability. There is no workaround for this vulnerability.

This advisory is posted at:


Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

Appliance is located on the About page of the IronPort Encryption
Appliance administration interface.

Note: Customers should contact IronPort support to determine which
software fixes are applicable for their environment. Please consult
the Obtaining Fixed Software section of this advisory for more
information.

Products Confirmed Not Vulnerable
+--------------------------------


[ MDVSA-2011:029 ] kernel

 than CVE-2010-4164. (CVE-2010-3873)
 
 The bcm_connect function in the Broadcast Manager in the Controller
 Area Network (CAN) implementation in the Linux kernel creates a
 publicly accessible file with a filename containing a kernel memory
 address, which allows local users to obtain potentially sensitive
 information about kernel memory use by listing this filename.
 (CVE-2010-4565)
 
 The install_special_mapping function in mm/mmap.c does not make an
 expected security_file_mmap function call, which allows local users
 to bypass intended mmap_min_addr restrictions and possibly conduct

[ MDVSA-2011:051 ] kernel

 that specifies a small value, leading to a divide-by-zero error or
 incorrect use of a signed integer. (CVE-2010-4165)
 
 The copy_shmid_to_user function in ipc/shm.c in the Linux kernel
 does not initialize a certain structure, which allows local users to
 obtain potentially sensitive information from kernel stack memory
 via vectors related to the shmctl system call and the old shm
 interface. (CVE-2010-4072)
 
 The ipc subsystem in the Linux kernel does not initialize certain
 structures, which allows local users to obtain potentially sensitive

Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability

Summary
=======

Cisco Digital Media Manager contains a vulnerability that may allow a
remote, authenticated attacker to elevate privileges and obtain full
access to the affected system.

Cisco Show and Share is not directly affected by this vulnerability.
However, because Cisco Show and Share relies on Cisco Digital Media
Manager for authentication services, attackers who compromise the

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection

  * Cisco Unity Connection Privilege Escalation Vulnerability
  * Cisco Unity Connection Denial of Service Vulnerability

Exploitation of the Cisco Unity Connection Privilege Escalation
Vulnerability may allow an authenticated, remote attacker to elevate
privileges and obtain full access to the affected system.

Exploitation of the Cisco Unity Connection Denial of Service
Vulnerability may allow an unauthenticated, remote attacker to cause
system services to terminate unexpectedly, which may result in a
denial of service condition.

Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability

Summary
=======

A vulnerability exists in the Cisco Network Admission Control (NAC)
Appliance that can allow an attacker to obtain the shared secret that
is used between the Cisco Clean Access Server (CAS) and the Cisco Clean
Access Manager (CAM).

Cisco has released free software updates that address this
vulnerability.


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
