Tuesday, 28 July 2009
Multiple vulnerabilities exist in the Cisco Wireless LAN Controller (WLC) platforms.  |
|
Read more...
|
|
Friday, 17 July 2009
Cisco Unified Contact Center Express (Cisco Unified CCX) server contains both a directory traversal vulnerability and a script injection vulnerability in the administration pages of the Customer Response Solutions (CRS) and Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR) products. Exploitation of these vulnerabilities could result in a denial of service condition, information disclosure, or a privilege escalation attack.  |
|
Read more...
|
|
Thursday, 25 June 2009
 |
|
Read more...
|
|
Thursday, 25 June 2009
 |
|
Read more...
|
|
Saturday, 20 June 2009
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. |
|
Read more...
|
|
Saturday, 20 June 2009
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicious commands against the device or other possible cross-site scripting attacks. Successful exploitation of this vulnerability requires that a user browse a page containing dynamic content in which HTML commands have been injected. |
|
Read more...
|
|
Friday, 03 April 2009
Several features within Cisco IOS Software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked, transit traffic will not block the interface.  |
|
Read more...
|
|
Friday, 03 April 2009
A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS? Software are enabled. |
|
Read more...
|
|
Thursday, 26 March 2009
Devices that are running Cisco IOS Software and configured for Mobile IP Network Address Translation (NAT) Traversal feature or Mobile IPv6 are vulnerable to a denial of service (DoS) attack that may result in a blocked interface.  |
|
Read more...
|
|
Thursday, 26 March 2009
Cisco IOS? Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload. |
|
Read more...
|
|
Thursday, 26 March 2009
Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition.  |
|
Read more...
|
|
Thursday, 26 March 2009
A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are available; however, the IPSec NAT traversal (NAT-T) feature can be used as an alternative. |
|
Read more...
|
|
Thursday, 26 March 2009
The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a vulnerability that could allow authenticated users with an attached command-line interface (CLI) view to transfer files to and from a Cisco IOS device that is configured to be an SCP server, regardless of what users are authorized to do, per the CLI view configuration. This vulnerability could allow valid users to retrieve or write to any file on the device's file system, including the device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user does not allow it. This configuration file may include passwords or other sensitive information.  |
|
Read more...
|
|
Thursday, 12 March 2009
 |
|
Read more...
|
|
Thursday, 12 March 2009
 |
|
Read more...
|
|
Our staff have been both technical services providers and managers of IT departments, this enables us to help you to understand your options through independent advice. 
Vendor Advisories 