Thursday, 09 February 2012
  
spacer.png, 0 kB
spacer.png, 0 kB
 spacer.png, 0 kB
Cisco Advisories and Notices

The following articles belong to either of the two categories:

  • Security Advisories: For security issues that directly impact Cisco products and action is necessary to repair the Cisco product.

  • Security Notices: For issues that require a response to information posted to a public forum, or recommendations to mitigate general problems affecting network stability.


Response to OpenSSL - Potential SSL 2.0 Rollback
Saturday, 03 December 2005
This is in response to the OpenSSL Advisory released on 2005-Oct-11. The advisory is posted at http://www.openssl.org/news/secadv_20051011.txt. Some of the Cisco Systems product lines are affected by this vulnerability. The lists are not exhaustive.
Read more...
 
IOS HTTP Server Command Injection Vulnerability
Friday, 02 December 2005
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and...
Read more...
 
Cisco Security Agent Vulnerable to Privilege Escalation
Wednesday, 30 November 2005
Cisco Security Agent (CSA) is a security software agent that provides threat protection for server and desktop computing systems. CSA agents can be managed by CiscoWorks VMS Management Center for Cisco Security Agents or can be standalone agents running on Cisco IP...
Read more...
 
Response to Cisco PIX TCP Connection Prevention
Tuesday, 29 November 2005
This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in its message: [Full-disclosure] Cisco PIX TCP Connection Prevention, posted on November 22, 2005.
Read more...
 
Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone
Thursday, 17 November 2005
The Cisco 7920 Wireless IP Phone provides Voice Over IP service via IEEE 802.11b Wi-Fi networks and has a form-factor similar to a cordless phone. This product contains two vulnerabilities: The first vulnerability is an SNMP service with fixed community strings that allow remote...
Read more...
 
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Monday, 14 November 2005
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to...
Read more...
 
IOS Heap-based Overflow Vulnerability in System Timers
Thursday, 03 November 2005
The Cisco Internetwork Operating System (IOS) may permit arbitrary code execution after exploitation of a heap-based buffer overflow vulnerability. Cisco has included additional integrity checks in its software, as further described below, that are intended to reduce the...
Read more...
 
Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access
Thursday, 03 November 2005
Cisco Access Points operating in Lightweight Access Point Protocol (LWAPP) mode may allow unauthenticated end hosts to send unencrypted traffic to a secure network by sending frames from the Media Access Control (MAC) address of an already authenticated end host.
Read more...
 
Cisco IPS MC Malformed Configuration Download Vulnerability
Wednesday, 02 November 2005
The CiscoWorks VPN/Security Management Solution (VMS) is a network management application that includes Web-based tools for configuring, monitoring, and troubleshooting VPNs, firewalls, network intrusion detection systems (NIDSs), network intrusion prevention systems (NIPSs) and...
Read more...
 
Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability
Thursday, 20 October 2005
Cisco CSS 11500 Series Content Services Switches (CSS) configured with Secure Socket Layer (SSL) termination services are vulnerable to a Denial of Service (DoS) attack when processing malformed client certificates. Cisco has made free software available to address this...
Read more...
 
Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer
Thursday, 13 October 2005
The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.
Read more...
 
SSH Malformed Packet Vulnerabilities
Thursday, 13 October 2005
Please refer to vendor's website link for further details.
Read more...
 
CSS SSL Authentication Bypass
Friday, 09 September 2005
The Cisco CSS 11500 Series Content Services Switches (CSS) running Secure Socket Layer (SSL) has a vulnerability that may allow a user to bypass SSL authentication and access protected content. Cisco has made free software available to address this vulnerability.
Read more...
 
ZOTOB and WORM_RBOT.CBQ Mitigation Recommendations
Thursday, 25 August 2005
Cisco customers are currently experiencing attacks due to new worms and bots that are active on the Internet. The signature of these worms and bots appears as TCP traffic to port 445 as well as traffic to several secondary TCP ports depending on the variant of the worm. Affected...
Read more...
 
SSL Certificate Validation Vulnerability in IDS Management Software
Thursday, 25 August 2005
CiscoWorks Management Center for IDS Sensors (IDSMC) is a network security software agent that provides configuration and signature management for Cisco Intrusion Detection and Intrusion Prevention systems. A separate but closely related product, Monitoring Center for Security...
Read more...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Results 91 - 105 of 180
 spacer.png, 0 kB
     

© 2012 Intellect Information Technology Pty Ltd, Melbourne, Australia.

This page was loaded in 0.064 seconds.