exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Response 20110505-ios

Cisco Security Response 20110505-ios
Posted May 5, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.

tags | advisory, vulnerability
systems | cisco
SHA-256 | ac868da7539c09459df98a634ab8f4c33c7b86d10462a10ba94406de92cecb96

Cisco Security Response 20110505-ios

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Response: Cisco IOS Software Denial of Service
Vulnerabilities

http://www.cisco.com/warp/public/707/cisco-sr-20110505-ios.shtml

Revision 1.0

For Public Release 2011 May 05 1600 UTC (GMT)

Cisco Response
==============

This is the Cisco PSIRT response to two postings on bugtraq by NCNIPC
(China) regarding reported vulnerabilities in Cisco IOS Software.

The original reports are available at the following links:

* Cisco IOS UDP Denial of Service Vulnerability leavingcisco.com
* Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
leavingcisco.com

We greatly appreciate the opportunity to work with researchers on
security vulnerabilities and welcome the opportunity to review and
assist in product reports.

Additional Information
======================

Cisco PSIRT is actively working with NCNIPC (China) to further
understand the details of what is reported in the bugtraq postings.

At this stage Cisco PSIRT cannot confirm the existence of any new
vulnerabilities in Cisco IOS Software based on the information that
is currently available. This Cisco Security Response will be updated
as new information becomes available.

Cisco PSIRT recommends limiting access to the network with
Infrastructure Acess Control Lists (iACLs). Although it is often
difficult to block traffic that transits a network, it is possible to
identify traffic that should never be allowed to target
infrastructure devices and block that traffic at the border of
networks. Infrastructure Access Control Lists (iACLs) are a network
security best practice and should be considered as a long-term
addition to good network security.

The white paper entitled "Protecting Your Core: Infrastructure
Protection Access Control Lists" presents guidelines and recommended
deployment techniques for infrastructure protection access lists and
is available at the following link:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml

Status of this Notice: INTERIM
==============================

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW
INFORMATION BECOMES AVAILABLE.

A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.

Revision History
================

+------------------------------------------------------------+
| Revision 1.0 | 2011-May-05 | Initial public release |
+------------------------------------------------------------+

Cisco Security Procedures
=========================

Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html.
This includes instructions for press inquiries regarding Cisco security
notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.

+--------------------------------------------------------------------
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iF4EAREIAAYFAk3CsMoACgkQQXnnBKKRMNBp2AD+Odzl3qrzCbs0IOArRrPfUPpV
Rq0xW2X33LL6vjYZERkA/2/UIk7TaqfMZ3Idvx/oDa4hy951XR/YPJxiHCknUjY2
=JZH0
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close