Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS

or

    "dlsw local-peer peer-id <IP address>"

Any version of Cisco IOS prior to the versions which are listed in
the Software Versions and Fixes section below is vulnerable.

To determine the version of Cisco IOS software running on a Cisco
product, log in to the device and issue the show version command to
display the system banner. Cisco IOS Software will identify itself as

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

|                                     | Cisco ACE    | Cisco ACE    |
|                                     | 4710         | Module       |
|                                     | Appliance    |              |
|-------------------------------------+--------------+--------------|
|                                     | All versions | All versions |
| Default Usernames and Passwords     | prior to A1  | prior to A2  |
|                                     | (8a)         | (1.1)        |
|-------------------------------------+--------------+--------------|
|                                     | All versions | All versions |
| Privilege Escalation Vulnerability  | prior to A1  | prior to A2  |
|                                     | (8a)         | (1.2)        |

[security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 20080819 SPCL112A
HP LaserJet 2420 with firmware prior to 20080819 SPCL112A
HP LaserJet 2430 with firmware prior to 20080819 SPCL112A
HP LaserJet P3005 with firmware prior to 02.043.1
HP LaserJet P3015 with firmware prior to 06.043.2
HP LaserJet P4015 with firmware prior to 04.049.0

[security bulletin] HPSBPI02398 SSRT080166 rev.6 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 08.113.0
HP LaserJet 2420 with firmware prior to 08.113.0
HP LaserJet 2430 with firmware prior to 08.113.0
HP LaserJet P3005 with firmware prior to 02.043.1
HP LaserJet P3015 with firmware prior to 06.043.2
HP LaserJet P4015 with firmware prior to 04.049.0

VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

VMware Workstation 6.0.0
VMware Player 2.0.0
VMware ACE 2.0.0

VMware Workstation prior to 5.5.5
VMware Player prior to 1.0.5
VMware Server prior to 1.0.4
VMware ACE prior to 1.0.4

VMware ESX 3.0.2 without patches ESX-1001725 ESX-1001731 ESX-1001726

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


Cisco Security Advisory: Cisco IOS Software IPsec Vulnerability

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

Cisco has provided scores for the vulnerabilities in this advisory based
on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in
this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.


Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

  * CiscoWorks LAN Management Solution

    +---------------------------------------------------------------+
    | LAN Management Solution Versions   | Common Services Versions |
    |------------------------------------+--------------------------|
    | Prior to 3.2 on Microsoft Windows  | Various                  |
    |------------------------------------+--------------------------|
    | 3.2 on Microsoft Windows           | 3.3                      |
    |------------------------------------+--------------------------|
    | 3.2.1 on Microsoft Windows         | 3.3.1                    |
    |------------------------------------+--------------------------|

[security bulletin] HPSBPI02398 SSRT080166 rev.4 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2420 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2430 with firmware prior to 20080819 SPCL112A 
HP LaserJet 4250 with firmware prior to 20090323 SPCL014A 
HP LaserJet 4350 with firmware prior to 20090323 SPCL014A 
HP LaserJet 5200 with firmware prior to 20090305 SPCL0601A 

[security bulletin] HPSBPI02398 SSRT080166 rev.3 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2420 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2430 with firmware prior to 20080819 SPCL112A 
HP LaserJet 4250 with firmware prior to 20090323 SPCL014A 
HP LaserJet 4350 with firmware prior to 20090323 SPCL014A 
HP LaserJet 5200 with firmware prior to 20090305 SPCL0601A 

Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


[security bulletin] HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2420 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2430 with firmware prior to 20080819 SPCL112A 
HP LaserJet 4250 with firmware prior to 20080819 SPCL015A 
HP LaserJet 4350 with firmware prior to 20080819 SPCL015A 
HP LaserJet 9040 with firmware prior to 20080819 SPCL110A 

[security bulletin] HPSBPI02398 SSRT080166 rev.2 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized access to files.

References: CVE-2008-4419 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP LaserJet 2410 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2420 with firmware prior to 20080819 SPCL112A 
HP LaserJet 2430 with firmware prior to 20080819 SPCL112A 
HP LaserJet 4250 with firmware prior to 20080819 SPCL015A 
HP LaserJet 4350 with firmware prior to 20080819 SPCL015A 
HP LaserJet 9040 with firmware prior to 20080819 SPCL110A 

Cisco Security Advisory: Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities

| Vulnerability | Product  |  Version   |
|               | Affected |  Affected  |
|---------------+----------+------------|
| Invalid       | ACE      | All        |
| Directory     | Device   | versions   |
| Permissions   | Manager  | prior to   |
|               |          | A3(2.1)    |
|---------------+----------+------------|
| Invalid       |          | All        |
| Directory     | ANM      | versions   |
| Permissions   |          | prior to   |

[ MDVSA-2011:170 ] java-1.6.0-openjdk

 Problem Description:

 Security issues were identified and fixed in openjdk (icedtea6)
 and icedtea-web:
 
 IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start
 applications and untrusted Java applets to affect confidentiality
 via unknown vectors related to Networking (CVE-2011-3547).
 
 IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start
 applications and untrusted Java applets to affect confidentiality,

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerabilities in individual networks.


Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software

following example:

    Router# show ip pim interface

    Address          Interface                Ver/   Nbr    Query  DR     DR
                                              Mode   Count  Intvl  Prior

    10.1.0.1         GigabitEthernet0/0       v2/SD  0      30     1      10.1.0.1
    10.6.0.1         GigabitEthernet0/1       v2/SD  1      30     1      10.6.0.2

In order to determine the software that runs on a Cisco IOS product,

Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability

Summary
=======

Two vulnerabilities exist in the virtual private dial-up network
(VPDN) solution when Point-to-Point Tunneling Protocol (PPTP) is used
in certain Cisco IOS releases prior to 12.3. PPTP is only one of the
supported tunneling protocols used to tunnel PPP frames within the
VPDN solution.

The first vulnerability is a memory leak that occurs as a result of
PPTP session termination. The second vulnerability may consume all

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


[TZO-20-2009] AVG ZIP evasion / bypass

Disclosure Policy : 
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html

Affected products : 
- AVG Anti-Virus Network Edition (prior to engine build 8.5 323)
- AVG Internet Security Netzwerk Edition (prior to engine build 8.5 323)
- AVG Server Edition für Linux/FreeBSD (prior to engine build 8.5 323)
- AVG eMail Server Edition (prior to engine build 8.5 323)
- AVG File Server Edition (prior to engine build 8.5 323)
- AVG Internet Security SBS Edition (prior to engine build 8.5 323)

AST-2009-005: Remote Crash Vulnerability in SIP channel driver

   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | On certain implementations of libc, the scanf family of  |
   |             | functions uses an unbounded amount of stack memory to    |
   |             | repeatedly allocate string buffers prior to conversion   |
   |             | to the target type. Coupled with Asterisk's allocation   |
   |             | of thread stack sizes that are smaller than the default, |
   |             | an attacker may exhaust stack memory in the SIP stack    |
   |             | network thread by presenting excessively long numeric    |
   |             | strings in various fields.                               |

VUPEN Security - Adobe Acrobat and Reader JBIG2 Filter Heap Overflow Vulnerability

III. AFFECTED PRODUCTS
--------------------------------

Adobe Reader versions prior to 9.1.2
Adobe Reader versions prior to 8.1.6
Adobe Reader versions prior to 7.1.3
Adobe Acrobat Standard versions prior to 9.1.2
Adobe Acrobat Pro versions prior to 9.1.2
Adobe Acrobat Pro Extended versions prior to 9.1.2

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

Crafted TCP ACK Packet Vulnerability
+-----------------------------------

Cisco ASA and Cisco PIX devices are affected by a crafted TCP
acknowledgment (ACK) packet vulnerability. Software versions prior to
7.1(2)70 on the 7.1.x release, 7.2(4) on the 7.2.x release, and
8.0(3)10 on the 8.0.x release are affected. Cisco ASA or Cisco PIX
security appliances running software version 7.0.x, or 8.1.x are not
vulnerable.


Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

This section will be updated when more information is available. The
following products are confirmed to be affected by this
vulnerability:

  * Cisco MDS 9000 NX-OS Software releases prior to 4.2.x are
    affected. Cisco MDS 9000 NX-OS Software releases 4.2.x and later
    are not affected.
  * Cisco NX-OS Software for Cisco Nexus 7000 Series Switches
    releases prior to 4.2.x are affected. Cisco NX-OS Software for
    Cisco Nexus 7000 Series Switches versions 4.2.x and later are not

Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerability

based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.


AST-2009-008: SIP responses expose valid usernames

   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product           | Release |                                 |
   |                            | Series  |                                 |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.2.x  | All versions prior to 1.2.35    |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    |  1.4.x  | All versions prior to 1.4.26.3  |
   |----------------------------+---------+---------------------------------|
   |    Asterisk Open Source    | 1.6.0.x | All versions prior to 1.6.0.17  |
   |----------------------------+---------+---------------------------------|

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.