CISCO Security Advisory
Multiple Vulnerabilities in Cisco Wireless LAN Controllers
The Cisco Wireless LAN Controller (WLC) product family is affected by these vulnerabilities: Two denial of service (DoS) vulnerabilities; Three privilege escalation vulnerabilities; Two access control list (ACL) bypass vulnerabilities.
(read more)Cisco IOS XR Software Border Gateway Protocol Vulnerability
Cisco IOS XR Software contains a vulnerability in the Border Gateway Protocol (BGP) feature. The vulnerability manifests itself when a BGP peer announces a prefix with a specific, valid but unrecognized transitive attribute. On receipt of this prefix, the Cisco IOS XR device will corrupt the attribute before sending it to the neighboring devices. Neighboring devices that receive this corrupted update may reset the BGP peering session.
(read more)Cisco Unified Communications Manager Denial of Service Vulnerabilities
Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
(read more)Cisco Unified Presence Denial of Service Vulnerabilities
Cisco Unified Presence contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of presence services.
(read more)Cisco IOS Software TCP Denial of Service Vulnerability
Cisco IOS Software Release, 15.1(2)T is affected by a denial of service (DoS) vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these states could consume system resources and prevent an affected device from accepting or initiating new TCP connections, including any TCP-based remote management access to the device.
(read more)Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine
The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine contain the following DoS vulnerabilities: Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS vulnerability Secure Socket Layer (SSL) DoS vulnerability SIP inspection DoS vulnerability
(read more)SQL Injection Vulnerability in Cisco Wireless Control System
Cisco Wireless Control System (WCS) contains a SQL injection vulnerability that could allow an authenticated attacker full access to the vulnerable device, including modification of system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS.
(read more)SNMP Version 3 Authentication Vulnerabilities
Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
(read more)Multiple Vulnerabilities in Cisco Firewall Services Module
(read more)Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
(read more)CDS Internet Streamer: Web Server Directory Traversal Vulnerability
The Cisco Internet Streamer application, part of the Cisco Content Delivery System, contains a directory traversal vulnerability on its web server component that allows for arbitrary file access. By exploiting this vulnerability, an attacker may be able to read arbitrary files on the device, outside of the web server document directory, by using a specially crafted URL.
(read more)Transport Layer Security Renegotiation Vulnerability
An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.
(read more)Cisco Secure Desktop ActiveX Control Code Execution Vulnerability
Updated workarounds.
(read more)Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability
(read more)Vulnerabilities in Cisco Unified Contact Center Express
(read more)Cisco Application Extension Platform Privilege Escalation Vulnerability
(read more)Multiple Vulnerabilities in Cisco Network Building Mediator
Multiple vulnerabilities exist in the Cisco Network Building Mediator (NBM) products. These vulnerabilities also affect the legacy Richards-Zeta Mediator products.
(read more)Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability
Cisco Small Business Video Surveillance Cameras and Cisco RVS4000 4-port Gigabit Security Routers contain a vulnerability that could allow an authenticated user to view passwords for other users, regardless of the authenticated user's level of authorization.
(read more)Multiple Vulnerabilities in Cisco PGW Softswitch
(read more)IOS HTTP Server Command Injection Vulnerability
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected.
(read more)Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
(read more)Cisco IOS Software H.323 Denial of Service Vulnerabilities
Added caution about debug commands.
(read more)Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability
Update made to iACL example.
(read more)Cisco IOS Software IPsec Vulnerability
(read more)Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability
(read more)Cisco Unified Communications Manager Express Denial of Service Vulnerabilities
(read more)Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability
(read more)Multiple Vulnerabilities in Cisco Digital Media Manager
Multiple vulnerabilities exist in the Cisco Digital Media Manager (DMM). This security advisory outlines details.
(read more)Cisco Digital Media Player Remote Display Unauthorized Content Injection Vulnerability
A vulnerability exists in the Cisco Digital Media Player that could allow an unauthenticated attacker to inject video or data content into a remote display.
(read more)Multiple Vulnerabilities in Cisco Security Agent
(read more)Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
(read more)Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability
(read more)Multiple Vulnerabilities in Cisco IronPort Encryption Appliance
Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthenticated access to any file on the device and one vulnerability that allows remote, unauthenticated users to execute arbitrary code with elevated privileges. There are workarounds available to mitigate these vulnerabilities.
(read more)Multiple Vulnerabilities in Cisco Unified MeetingPlace
Multiple vulnerabilities exist in Cisco Unified MeetingPlace. This security advisory outlines the details of these vulnerabilities.
(read more)Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability
(read more)Cisco Security Advisory: Cisco IOS XR Software SSH Denial of Service Vulnerability
(read more)Multiple Cisco WebEx WRF Player Vulnerabilities
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user.
(read more)Cisco Global Site Selector Appliances DNS Vulnerability
The Cisco Application Control Engine Global Site Selector (GSS) contains a vulnerability when processing specific Domain Name System (DNS) requests that may lead to a crash of the DNS service on the GSS.
(read more)Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
(read more)Cisco IOS Software Authentication Proxy Vulnerability
(read more)
