what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Cisco Security Advisory 20120926-nat
Posted Sep 26, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco IOS Software Network Address Translation (NAT) feature contains two denial of service (DoS) vulnerabilities in the translation of IP packets. The vulnerabilities are caused when packets in transit on the vulnerable device require translation. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | f866d237931005ac54413bcca55338710c290b4fd86b1addc2bab627cc0c95ad

Related Files

Cisco Security Advisory 20110928-cucm
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

tags | advisory, protocol, memory leak
systems | cisco
advisories | CVE-2011-2072
SHA-256 | a5f1927958aa4c1612f94d0917d625ae14208a68fe421f75813a8f60c2bc9f7e
Cisco Security Advisory 20110928-sip
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

tags | advisory, remote, vulnerability, protocol, memory leak
systems | cisco, osx
advisories | CVE-2011-0939, CVE-2011-2072, CVE-2011-3275
SHA-256 | 3e5c649daea98f2fca96808c0596078230f8dd81427f67c139229f5446d49360
Cisco Security Advisory 20110928-nat
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of multiple protocols. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | cisco
advisories | CVE-2011-0946, CVE-2011-3276, CVE-2011-3277, CVE-2011-3278, CVE-2011-3279, CVE-2011-3280
SHA-256 | e071e8cf0c9a04c74dd457a5df6b6f75145eca329e618d38d8ba34088be76e8f
Cisco Security Advisory 20110928-ipv6mpls
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2011-3274, CVE-2011-3282
SHA-256 | 4d36bd86f4893e9328e2c85fa20a7e72f6dc6a41ea349b91dabc9c706e9251c7
Cisco Security Advisory 20110928-ipv6
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote, protocol
systems | cisco
advisories | CVE-2011-0944
SHA-256 | 74550bef25d75f770748bb38ce41e79ab4a3cb766433088ce705b8134651d431
Cisco Security Advisory 20110928-dlsw
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching (DLSw) feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol, memory leak
systems | cisco
advisories | CVE-2011-0945
SHA-256 | 59dbf91a55e22df3cd1144dfc2469be522334d8fd87eeebb1da1c6ef61183583
Cisco Security Advisory 20110928-c10k
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco 10000 Series Router is affected by a denial of service (DoS) vulnerability that can allow an attacker to cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are also available.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-3270
SHA-256 | 858057723ce7ca1ca4dd27076208f63f0734717b9b27b1d36e76c74eb04c6a76
Cisco Security Advisory 20110920-ise
Posted Sep 21, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-3290
SHA-256 | f8b64349683d7496a8300593b934d118350bd667fccd7d4bba5b889e0720aff7
Cisco Security Advisory 20110914-cusm
Posted Sep 14, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | cisco
advisories | CVE-2011-2738
SHA-256 | 60f64f878c6e3dae9e0b096b560a4e86328ac006294b203fc5ed04649eb4d281
Cisco Security Advisory 20110914-lms
Posted Sep 14, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities exist in CiscoWorks LAN Management Solution software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | cisco
advisories | CVE-2011-2738
SHA-256 | 7bb8d2516418d72089afabd1bbb2d0fc50c7fbf76a0479f0c0d065c00895c421
Cisco Security Advisory 20110907-nexus
Posted Sep 8, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in Cisco Nexus 5000 and 3000 Series Switches that may allow traffic to bypass deny statements in access control lists (ACLs) that are configured on the device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2011-2581
SHA-256 | e3a02e16068641fe05c51a6feb47b46b3a39ff777fed234371844bafb467a431
Cisco Security Advisory 20110831-tandberg
Posted Aug 31, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs that are running software versions prior to TC4.0.0 or F9.1 contain a vulnerability that could allow an attacker to cause a denial of service. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-2577
SHA-256 | d046775df4a222ab70f9a6dd8997e978c24f6aed99fd5b6420b1c55eb73c47dd
Cisco Security Advisory 20110830-apache
Posted Aug 31, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document listed in this advisory.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-3192
SHA-256 | e3f873ef74fc9699c6df741f380df175d71fa69b431831e573d3f294b6c86326
Cisco Security Advisory 20110824-cucm
Posted Aug 25, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager contains five (5) denial of service (DoS) vulnerabilities. Cisco has released free software updates for affected versions of Cisco Unified Communications Manager to address the vulnerabilities. A workaround exists for the SIP and Packet Capture Service DoS vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2011-2560, CVE-2011-2561, CVE-2011-2562, CVE-2011-2563, CVE-2011-2564
SHA-256 | 9203ef304f7ca355a829e3b6b8ad4816d3ac1be10947386380d0bea05afe0f5d
Cisco Security Advisory 20110824-cucm-cups
Posted Aug 25, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager (previously known as Cisco CallManager) and Cisco Unified Presence Server contain an open query interface that could allow an unauthenticated, remote attacker to disclose the contents of the underlying databases on affected product versions. Cisco has released free updated software for most supported releases. A security patch file is also available for all supported versions that will remediate this issue. The patch may be applied to active systems without requiring a reload. Customers are advised to apply a fixed version or upgrade to a fixed train. Customers who need to stay on a version for which updated software is not currently available or who can not immediately apply the update are advised to apply the patch. No workarounds are available for this issue.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-1643
SHA-256 | 961ffa1fc976edc98b7f96041bb64493d1fd4b1f388ad4cf6a7191575417a67f
Cisco Security Advisory 20110824-ime
Posted Aug 25, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2011-2563, CVE-2011-2564
SHA-256 | 374bdf9736f97ff2f0eb95efc35d361132fed2c3ba771f777d55e3239280b5c6
Cisco Security Advisory 20110729-tp
Posted Jul 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, root
systems | cisco
advisories | CVE-2011-2555
SHA-256 | 33bcf3e51909c455b5c3fae308d9e8e2032825d079b6cad6b6ce0e251294ab9f
Cisco Security Advisory 20110720-sa500
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, web, vulnerability
systems | cisco
advisories | CVE-2011-2546, CVE-2011-2547
SHA-256 | 8b3960c1957150337fa342ec83e2ac3e818b1cc014f35f691270707173b6a216
Cisco Security Advisory 20110720-asr9k
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

tags | advisory
systems | cisco, osx
advisories | CVE-2011-2549
SHA-256 | 87fa33ee924bcf0d8e5f8a6c407248b7e7facaaff576542c1526f34a106a7dff
Cisco Security Advisory 20110706-csg
Posted Jul 7, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.

tags | advisory, remote, denial of service
systems | cisco
advisories | CVE-2011-2064
SHA-256 | 47affad59b00044d9ad060263d5a9a48eed230f89c78af4c892b70ed3be57832
Cisco Security Advisory 20110601-ac
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

tags | advisory, arbitrary, local, vulnerability
systems | cisco
advisories | CVE-2011-2039, CVE-2011-2040, CVE-2011-2041
SHA-256 | b6f62c24ad600052d82c60490ef64ffb9b47d1a6b4fbb76139a5453a3b92aadf
Cisco Security Advisory 20110601-mxe
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

tags | advisory, root
systems | cisco
advisories | CVE-2011-1623
SHA-256 | a9b9f6b84efd5f5410ccfdf9fc190f25c02e24a757639b8c1c38c6f42d3997fd
Cisco Security Advisory 20110601-phone
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, vulnerability, bypass
systems | cisco
advisories | CVE-2011-1602, CVE-2011-1603, CVE-2011-1637
SHA-256 | a5da1041cf885eced48a7af3b7acdb0686e61e90f3ff3a0f850f27a77b7a7177
Cisco Security Advisory 20110601-cnr
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

tags | advisory
systems | cisco
advisories | CVE-2011-2024
SHA-256 | 6c73501b3f4ee218038777f46b6592c27d8398fe0ea571b5943f57bb082bc5a3
Cisco Security Advisory 20110525-iosxr-ssh
Posted May 26, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability in the SSH application that may result in a denial of service condition when the SSH version 1 (SSHv1) protocol is used. The vulnerability is a result of unremoved sshd_lock files consuming all available space in the /tmp filesystem. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service, protocol
systems | cisco, osx
advisories | CVE-2011-0949
SHA-256 | 9423a49d885a27cb66c986c0b9fafb190ceaa087a348da8289b4575851d9205f
Page 3 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close