workaround
* Certificate Authority Proxy Function (CAPF)
* Session Initiation Protocol (SIP)
* Simple Network Management Protocol (SNMP) Trap
Cisco has released free software updates that address these
vulnerabilities. Workarounds that mitigate some of these
vulnerabilities are available.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080514-cucmdos.shtml.
This vulnerability can only be exploited if the attacker tricks the
WebAccess user into clicking a malicious link and the attacker has
control of a server on the same network as the system where
WebAccess is being used.
Workaround
By switching off WebAccess the issue can no longer be exploited.
This can be accomplished on affected versions of Virtual Center and
ESX as follows:
Virtual Center 2.0.2 and Virtual Center 2.5:
vulnerability where well known SNMP community names are hard-coded
for both read and write access. The hard-coded community names are
"public" and "private."
Cisco recommends that all administrators deploy the mitigation
measures outlined in the Workarounds section or perform a Cisco IOS
Software upgrade.
Cisco has released free software updates that address this
vulnerability.
processing a malformed SNMPv3 message. These vulnerabilities could
allow the disclosure of network information or may enable an attacker
to perform configuration changes to vulnerable devices. The SNMP
server is an optional service that is disabled by default in Cisco
products. Only SNMPv3 is impacted by these vulnerabilities.
Workarounds are available for mitigating the impact of the
vulnerabilities described in this document.
The United States Computer Emergency Response Team (US-CERT) has
assigned Vulnerability Note VU#878044 to these vulnerabilities.
* Privilege escalation
* Unauthorized information interception
* Unauthorized information access
Cisco has released free software updates that address these
vulnerabilities. Workarounds that mitigate some of the listed
vulnerabilities are available.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml
vulnerability in the processing of certain IPS signatures that use
the SERVICE.DNS engine. This vulnerability may cause a router to
crash or hang, resulting in a denial of service condition.
Cisco has released free software updates that address this
vulnerability. There is a workaround for this vulnerability.
Note: This vulnerability is not related in any way to CVE-2008-1447 -
Cache poisoning attacks. Cisco Systems has published a Cisco Security
Advisory for that vulnerability, which can be found at
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
Two vulnerabilities exist in the Cisco VPN Client for Microsoft Windows
that may allow unprivileged users to elevate their privileges to those of
the LocalSystem account.
A workaround exists for one of the two vulnerabilities disclosed in this
advisory.
Cisco has made free software available to address these vulnerabilities
for affected customers.
it to persist after the installation. An attacker who is aware of
this vulnerability could authenticate with administrative privileges
and arbitrarily change the configuration of Cisco Network Registrar.
The upgrade to Software Release 7.2 is not free; however, a
workaround is provided in this document that will prevent
exploitation of the vulnerability.
When performing an upgrade to Software Release 7.2, you must use the
workaround to change the password of the administrative account. You
will be prompted to enter a new administrator's password only if you
on an affected device when the Cisco Unified Border Element feature
is enabled.
Cisco has released free software updates that address this
vulnerability. For devices that must run SIP there are no
workarounds; however, mitigations are available to limit exposure of
the vulnerability.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20090923-sip.shtml
Skinny Client Control Protocol (SCCP) crafted messages may cause a
Cisco IOS device that is configured with the Network Address
Translation (NAT) SCCP Fragmentation Support feature to reload.
Cisco has released free software updates that address this
vulnerability. A workaround that mitigates this vulnerability is
available.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml
Vulnerability
These vulnerabilities are not interdependent; a release that is affected
by one vulnerability is not necessarily affected by the others.
There are workarounds for some of the vulnerabilities disclosed in this
advisory.
Cisco has released free software updates that address these
vulnerabilities.
device when SIP operation is enabled. Remote code execution may also
be possible.
Cisco has released free software updates that address these
vulnerabilities. For devices that must run SIP there are no
workarounds; however, mitigations are available to limit exposure of
the vulnerabilities.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml
Versions Affected:
Spring Framework 1.1.0-2.5.6, 3.0.0.M1-3.0.0.M2
dm Server 1.0.0-1.0.2 (note 2.x not affected since dm Server 2.x requires a 1.6 JDK)
Description:
The j.u.r.Pattern.compile method in Sun 1.5 JDK has a problem ([1],[2]) with exponential compilation times, when using optional groups. A workaround [3] was implemented in 1.4.2_06 but the root cause of poor performance in regex processing was not resolved until JDK 1.6.
JdkRegexpMethodPointcut calls Pattern.compile(source[i]); via its inherited readObject method (from AbstractRegexpMethodPointcut). When a Sun JVM 1.5 driven application with spring.jar in its classpath accepts serializable data, an attacker could use a long regex string with many optional groups to consume enormous CPU resources. With a few requests, all listeners will be occupied with compiling regex expressions forever.
Mitigation:
* Users of all products may upgrade to JRE/JDK 1.6 which includes the fix for the root cause
* Spring Framework 2.5.6.SEC01 has been released for Community users that includes a workaround to the root cause - see [4] for upgrade steps
Cisco has released free software updates that address these
vulnerabilities. Fixed Cisco IOS software listed in the Software
Versions and Fixes section contains fixes for all vulnerabilities
addressed in this advisory.
There are no workarounds available to mitigate the effects of any of
the vulnerabilities apart from disabling the protocol or feature
itself, if administrators do not require the Cisco IOS device to
provide voice over IP services.
This advisory is posted at
*Non-vulnerable Packages*
. Contact the vendor for fixed versions of the product.
*Vendor Information, Solutions and Workarounds*
In general process control networks should be physically isolated from
corporate or other publicly accessible data networks as such an isolated
network will limit the exposure of systems with network facing
vulnerabilities only to accidental disruption or potentially malicious
versions of l123sr.dll
*Non-vulnerable packages*
N/A
*Solution/Vendor Information/Workaround*
Lotus Notes customers should follow the instructions of the following
support Technote, which outlines the available options based on specific
versions of Lotus Notes:
(SIP) implementation in Cisco IOS Software that could allow an
unauthenticated, remote attacker to cause a reload of an affected
device when SIP operation is enabled.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds for devices that must run
SIP; however, mitigations are available to limit exposure to the
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml
reload of an affected device or trigger memory leaks that may result
in system instabilities. Affected devices would need to be configured
to process SIP messages for these vulnerabilities to be exploitable.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds for devices that must run
SIP; however, mitigations are available to limit exposure to the
vulnerabilities.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110928-sip.shtml.
This only applies to Oracle 11g with the newest security features
enabled which is, by the way, default behavior. Anyway, an attack
detected at the TNS listener's log level is not a detected attack at the
RDBMS server level, nor is it an attack prevention method.
Workarounds
-----------
Better than using workarounds is to patch the vulnerability. However, in
case you're using an outdated version for which no patch is available or
if you can't patch for a reason, the following is a list of possible
Due to a flaw in the handler function for RPC commands, it is
possible to manipulate data pointers within the VMX process.
This vulnerability may allow a guest user to crash the VMX
process or potentially execute code on the host.
Workaround
- Configure virtual machines to use less than 4 GB of memory.
Virtual machines that have less than 4GB of memory are
not affected.
Mitigation
5. *Non-vulnerable packages*
. Internet Explorer 8 under Windows 2000/2003/XP/Vista
6. *Vendor Information, Solutions and Workarounds*
The following workarounds can prevent exploitation of the vulnerability:
. Use Internet Explorer's Protocol Lockdown feature control to
restrict the "file" protocol to prevent HTML from UNC path to run script
power cycle to recover platform operation. Platforms deployed in
promiscuous mode only or that do not contain gigabit network
interfaces are not vulnerable.
Cisco has released free software updates that address this
vulnerability. There is a workaround for this vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20080618-ips.shtml.
Affected Products
Summary
=======
Cisco Unified IP Phone models contain multiple overflow and denial of
service (DoS) vulnerabilities. There are workarounds for several of
these vulnerabilities. Cisco has made free software available to
address this issue for affected customers.
This advisory is posted at:
- ESXi 4.1 was upgraded from ESXi 3.5 or ESXi 4.0.
- The SFCB configuration file /etc/sfcb/sfcb.cfg was modified prior
to the upgrade.
- The sfcbd daemon is running (sfcbd runs by default).
Workaround
A workaround that can be applied to ESXi 4.1 is described in VMware
Knowledge Base Article KB 1031761
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-4573 to this issue.
. Oracle GlassFish Server 3.1
. Contact Oracle for patches for other GlassFish versions
6. *Vendor Information, Solutions and Workarounds*
Oracle notifies that GlassFish Server 3.1 was released in March 2011 and
was fixed before release, so it is not affected. Oracle also notifies
that patches for previous versions will be available in July, 2011. As a
policy, Oracle does not provide workarounds unless they can be easily
Cisco Unified Communications Manager contains five (5) denial of
service (DoS) vulnerabilities.
Cisco has released free software updates for affected versions of
Cisco Unified Communications Manager to address the vulnerabilities.
A workaround exists for the SIP and Packet Capture Service DoS
vulnerabilities.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20110824-cucm.shtml
These vulnerabilities are independent of each other; a release that is
affected by one of the vulnerabilities may not be affected by the
others.
Cisco has released free software updates that address these
vulnerabilities. Workarounds are available to mitigate some of the
vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
The Cisco Application Extension Platform contains a privilege escalation
vulnerability in the tech support diagnostic shell that may allow an
authenticated user to obtain administrative access to a vulnerable Cisco
Application Extension Platform module. Cisco has released free software updates
that address this vulnerability. There is no workaround for this vulnerability.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100609-axp.shtml
to ensure not only supplying a quick update, but also announcing
the issue properly so users see the need for installing the
coming important firmware update.
It was proposed to the vendor to remove the key from the keyring
as described in the workaround section.
Additionally the ENCK values in the flash should be overwritten.
Once a firmware update is available, it will be tested that it
removes the crypto backdoor.
Watch the advisory URL for updates: