News > Cisco Security Advisory

Cisco Security Advisory

Feeds RSS

Cisco IOS MPLS VPN May Leak Information

Tuesday, November 18, 2008 10:00:00 PM
Devices running Cisco IOS versions 12.0S, 12.2, 12.3 or 12.4 and configured for Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs) or VPN Routing and Forwarding Lite (VRF Lite) and using Border Gateway Protocol (BGP) between Customer Edge (CE) and Provider Edge (PE) devices may permit information to propagate between VPNs.

Multiple Vulnerabilities in Cisco PIX and Cisco ASA.

Tuesday, October 21, 2008 9:00:00 PM
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances.

Multiple Multicast Vulnerabilities in Cisco IOS Software

Tuesday, October 14, 2008 4:00:00 AM
Two crafted Protocol Independent Multicast (PIM) packet vulnerabilities exist in Cisco IOS software that may lead to a denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

Authentication Bypass in Cisco Unity

Wednesday, October 08, 2008 1:00:00 AM
A vulnerability exists in Cisco Unity that could allow an unauthenticated user to view or modify some of the configuration parameters of the Cisco Unity server. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.

Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

Wednesday, September 24, 2008 12:00:00 AM
Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS that can be exploited remotely to trigger a memory leak or to cause a reload of the IOS device.

Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability

Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) is vulnerable to a Denial of Service (DoS) attack from specially crafted packets. Only the MFI is affected by this vulnerability. Older Label Forwarding Information Base (LFIB) implementation, which is replaced by MFI, is not affected.

Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities

Cisco Unified Communications Manager, formerly Cisco Unified CallManager, contains two denial of service (DoS) vulnerabilities in the Session Initiation Protocol (SIP) service. An exploit of these vulnerabilities may cause an interruption in voice services.

Cisco uBR10012 Series Devices SNMP Vulnerability

Cisco uBR10012 series devices automatically enable Simple Network Management Protocol (SNMP) read/write access to the device if configured for linecard redundancy. This can be exploited by an attacker to gain complete control of the device. Only Cisco uBR10012 series devices that are

Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability

A vulnerability exists in the Cisco IOS software implementation of Layer 2 Tunneling Protocol (L2TP), which affects limited Cisco IOS software releases.

Vulnerability in Cisco IOS While Processing SSL Packet

A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange.

Cisco IOS IPS Denial of Service Vulnerability

The Cisco IOS Intrusion Prevention System (IPS) feature contains a vulnerability in the processing of certain IPS signatures that use the SERVICE.DNS engine. This vulnerability may cause a router to crash or hang, resulting in a denial of service condition.

Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability

Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected.

Cisco IOS NAT Skinny Call Control Protocol Vulnerability

A series of segmented Skinny Call Control Protocol (SCCP) messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload.

Cisco IOS Software Firewall Application Inspection Control Vulnerability

Cisco IOS software configured for IOS firewall Application Inspection Control (AIC) with a HTTP configured application-specific policy are vulnerable to a Denial of Service when processing a specific malformed HTTP transit packet. Successful exploitation of the vulnerability may result in a reload of the affected device.

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

Tuesday, September 09, 2008 6:30:00 AM

Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

Tuesday, September 02, 2008 11:20:00 PM
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances that may result in a reload of the device or disclosure of confidential information. This security advisory outlines details of the following vulnerabilities: