exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Response 20110505-ios

Cisco Security Response 20110505-ios
Posted May 5, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

tags | advisory, vulnerability
systems | cisco
SHA-256 | ac868da7539c09459df98a634ab8f4c33c7b86d10462a10ba94406de92cecb96

Cisco Security Response 20110505-ios

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Response: Cisco IOS Software Denial of Service
Vulnerabilities

http://www.cisco.com/warp/public/707/cisco-sr-20110505-ios.shtml

Revision 1.0

For Public Release 2011 May 05 1600 UTC (GMT)

Cisco Response
==============

This is the Cisco PSIRT response to two postings on bugtraq by NCNIPC
(China) regarding reported vulnerabilities in Cisco IOS Software.

The original reports are available at the following links:

* Cisco IOS UDP Denial of Service Vulnerability leavingcisco.com
* Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
leavingcisco.com

We greatly appreciate the opportunity to work with researchers on
security vulnerabilities and welcome the opportunity to review and
assist in product reports.

Additional Information
======================

Cisco PSIRT is actively working with NCNIPC (China) to further
understand the details of what is reported in the bugtraq postings.

At this stage Cisco PSIRT cannot confirm the existence of any new
vulnerabilities in Cisco IOS Software based on the information that
is currently available. This Cisco Security Response will be updated
as new information becomes available.

Cisco PSIRT recommends limiting access to the network with
Infrastructure Acess Control Lists (iACLs). Although it is often
difficult to block traffic that transits a network, it is possible to
identify traffic that should never be allowed to target
infrastructure devices and block that traffic at the border of
networks. Infrastructure Access Control Lists (iACLs) are a network
security best practice and should be considered as a long-term
addition to good network security.

The white paper entitled "Protecting Your Core: Infrastructure
Protection Access Control Lists" presents guidelines and recommended
deployment techniques for infrastructure protection access lists and
is available at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

Status of this Notice: INTERIM
==============================

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW
INFORMATION BECOMES AVAILABLE.

A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.

Revision History
================

+------------------------------------------------------------+
| Revision 1.0 | 2011-May-05 | Initial public release |
+------------------------------------------------------------+

Cisco Security Procedures
=========================

Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.

+--------------------------------------------------------------------
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iF4EAREIAAYFAk3CsMoACgkQQXnnBKKRMNBp2AD+Odzl3qrzCbs0IOArRrPfUPpV
Rq0xW2X33LL6vjYZERkA/2/UIk7TaqfMZ3Idvx/oDa4hy951XR/YPJxiHCknUjY2
=JZH0
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close