Tech Talk

[Cisco WebEx WRF Player vulns]

FYI...

Cisco WebEx WRF Player vulns
- http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
2009 December 16 - "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server... Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution...
(CVE) identifiers:
* CVE-2009-2875
* CVE-2009-2876
* CVE-2009-2877
* CVE-2009-2878
* CVE-2009-2879
* CVE-2009-2880 ...
There are no workarounds for the vulnerabilities disclosed in this advisory... Cisco has released free software updates that address these vulnerabilities..."

- http://isc.sans.org/diary.html?storyid=7762
Last Updated: 2009-12-16 20:00:37 UTC

- http://secunia.com/advisories/37810/2/
Release Date: 2009-12-17
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch ...

 

[Cisco IOS / DoS vuln - update available]

FYI...

Cisco IOS / DoS vuln - update available
- http://secunia.com/advisories/38227/2/
Release Date: 2010-01-21
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco IOS XR 3.x ...
Solution: Update to fixed versions. Please see the vendor's advisory for details.
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20100120-xr-ssh.shtml

- http://atlas.arbor.net/briefs/index#1942399210

Cisco InternetWork Performance Monitor GIOP Request Buffer Overflow
- http://secunia.com/advisories/38230/2/
Last Update: 2010-01-22
Critical: Moderately critical
Impact: DoS, System access
Where: From local network
Solution: Contact the vendor for instructions on migrating to non-vulnerable software
(please see the vendor advisory for details).
Restrict network access to an affected system.
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20100120-ipm.shtml

 

[Cisco Unified MeetingPlace - multiple vulns]

FYI...

Cisco Unified MeetingPlace - multiple vulns
- http://secunia.com/advisories/38259/2/
Release Date: 2010-01-28
Critical: Moderately critical
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, Privilege escalation
Where: From remote
Solution Status: Vendor Patch
Software: Cisco Unified MeetingPlace 5.x, Cisco Unified MeetingPlace 6.x, Cisco Unified MeetingPlace 7.x
Solution: Update to the latest version.
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278785523
Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml

- http://securitytracker.com/alerts/2010/Jan/1023511.html
CVE Reference: CVE-2010-0139, CVE-2010-0140, CVE-2010-0141, CVE-2010-0142
Date: Jan 27 2010

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0139
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0140
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0141
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0142

- http://www.us-cert.gov/current/#cisco_releases_security_advisory_for16
January 28, 2010

Multiple Vulnerabilities in Cisco Unified MeetingPlace
- http://atlas.arbor.net/briefs/index#-478562949
Severity: Elevated Severity
Published: Friday, January 29, 2010 19:03
"Multiple issues have been found and fixed in Cisco Unified MeetingPlace versions 5, 6, and 7. These bugs could allow for SQL injection, privilege escalation, account enumeration, and unauthorized new account creation. Cisco has made updated software available to their customers to address these issues.
Analysis: Sites using Cisco Unified MeetingPlace should review this update and apply the updates soon."

 

[Cisco Secure Desktop vuln - update available]

FYI...

Cisco Secure Desktop vuln - update available
- http://secunia.com/advisories/38397/2/
Release Date: 2010-02-02
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 8.x
Software: Cisco Secure Desktop 3.x
Solution: Update to fixed versions:
Cisco Secure Desktop: Update to version 3.5.
Cisco ASA 5500 Series Adaptive Security Appliances:
Update to version 8.2(1), 8.1(2.7), or 8.0(5)
Original Advisory: Cisco:
http://tools.cisco.com/security/center/viewAlert.x?alertId=19843

 

[Cisco releases multiple Security Advisories]

FYI...

Cisco releases multiple Security Advisories
- http://www.us-cert.gov/current/#cisco_releases_multiple_security_advisories
February 17, 2010
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml
Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service condition.
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
Security advisory, cisco-sa-20100217-asa, addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. These vulnerabilities may allow an attacker to gain unauthorized access to an affected system or cause a denial-of-service condition.
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml
Security advisory, cisco-sa-20100217-csa, addresses multiple vulnerabilities in the Cisco Security Agent. These vulnerabilities may allow an attacker to execute arbitrary SQL commands, view and download arbitrary files, or cause a denial-of-service condition...

- http://atlas.arbor.net/briefs/index#1477198596
February 17, 2010

Cisco PIX 500
- http://secunia.com/advisories/38636

Cisco Firewall Services Module
- http://secunia.com/advisories/38621/

Cisco ASA 5500
- http://secunia.com/advisories/38618/

 

[Cisco - multiple advisories]

FYI...

Cisco - multiple advisories...
- http://www.us-cert.gov/current/#cicso_releases_multiple_security_advisories
March 4, 2010

- http://secunia.com/advisories/38799/
Release Date: 2010-03-04
Criticality level: Moderately critical
Impact:   Manipulation of data
Where: From remote
Solution Status: Vendor Patch
Operating System: Cisco Digital Media Player 5.x
Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmp.shtml

- http://secunia.com/advisories/38754/
Release Date: 2010-03-04
Criticality level: Moderately critical
Impact:   DoS
Solution Status: Vendor Patch
Software: Cisco Unified Communications Manager 4.x, Cisco Unified Communications Manager 6.x, Cisco Unified Communications Manager 7.x
Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml

- http://secunia.com/advisories/38824/
Software: Cisco Unified Communications Manager 5.1 reached the End of Software Maintenance on 2010-02-13...
Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml

 

[Cisco - 7 security updates]

FYI...

Cisco - 7 security updates
- http://isc.sans.org/diary.html?storyid=8488
Last Updated: 2010-03-24 22:52:39 UTC - "... information at their site:
- http://www.cisco.com/en/US/products/products_security_advisories_listing.html ..."
24-March-2010 16:00 GMT

- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b20ee1.shtml
2010 March 24 1600 UTC

- http://atlas.arbor.net/briefs/index#1182447196
March 24, 2010 - "... Cisco has released 7 security bulletins for its IOS, IOS XR, and CUCM product features, all of which are denial of service issues..."

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0584
Last revised: 03/26/2010
CVSS v2 Base Score: 7.8 (HIGH)

 

[Cisco Secure Desktop vuln - update available]

FYI...

Cisco Secure Desktop vuln - update available
- http://secunia.com/advisories/39459/
Release Date: 2010-04-15
Criticality level: Highly critical
Impact: System access
Solution Status: Vendor Patch
Software: Cisco Secure Desktop 3.x, Cisco Secure Desktop Installer ActiveX Control 1.x
CVE Reference: CVE-2010-0589
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20100414-csd.shtml

 

[Cisco PGW vulns - updates available]

FYI...

Cisco PGW vulns - updates available
- http://www.cisco.com/warp/public/707/cisco-sa-20100512-pgw.shtml
2010 May 12 - "Multiple vulnerabilities exist in the Cisco PGW 2200 Softswitch series of products... Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities... All vulnerabilities listed in this Security Advisory are addressed in Cisco PGW 2200 Softswitch version 9.7(3)S11, version 9.8(1)S5, and subsequent, software releases..."

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

- http://atlas.arbor.net/briefs/index#-1480011314
May 12, 2010 - Elevated Severity - "Analysis: This is a big set of medium risk vulnerabilities. We encourage sites using the PGW 2200 to update soon to address them."
 
 

[Cisco Network Building Mediator - updates available]

FYI...

Cisco Network Building Mediator - updates available
- http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml
May 26, 2010 - "These vulnerabilities affect the legacy Richards-Zeta Mediator 2500 product and Cisco Network Building Mediator NBM-2400 and NBM-4800 models. All Mediator Framework software releases prior to 3.1.1 are affected by all vulnerabilities listed in this security advisory... Fixed 3.1.1 and 3.0.9 Mediator Framework software can be downloaded from the Software Center... by visiting http://www.cisco.com/cisco/psn/web/download/index.html and navigating to Physical Security and Building Systems > Smart Connected Buildings > Cisco Network Building Mediator. To obtain fixed 1.5.1 and 2.2 Mediator Framework software and configTOOL version 3.1.0b1 contact Cisco TAC... There are no workarounds for these vulnerabilities..."

- http://securitytracker.com/alerts/2010/May/1024027.html
May 26 2010

 

[Cisco Application Extension Platform (AXP) 1.1 and 1.1.5]

FYI...

Cisco Application Extension Platform (AXP) 1.1 and 1.1.5
allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1572
Last revised: 06/17/2010
CVSS v2 Base Score: 9.0 (HIGH)
Type: Advisory; Patch Information
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3290b.shtml

Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2)
unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1571
Last revised: 06/17/2010
CVSS v2 Base Score: 7.8 (HIGH)
Type: Advisory; Patch Information
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml

 

[(IE 3000) Series switches]

FYI...

- http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml
2010 July 07 - "Summary: Cisco Industrial Ethernet 3000 (IE 3000) Series switches running Cisco IOS® Software releases 12.2(52)SE or 12.2(52)SE1, contain a vulnerability where well known SNMP community names are hard-coded for both read and write access. The hard-coded community names are "public" and "private." Cisco recommends that all administrators deploy the mitigation measures outlined in the Workarounds section or perform a Cisco IOS Software upgrade... Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available...
Impact: Successful exploitation of the vulnerability could result in an attacker obtaining full control of the device..."
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1574
CVSS v2 Base Score: 10.0 (HIGH)
- http://www.kb.cert.org/vuls/id/732671
Date Last Updated: 2010-07-12

- http://www.vsecurity.com/resources/advisory/20100702-1/
2010-07-02 "... Cisco CSS 11500 Series Content Services Switch... implement more stringent request validation and/or corrections when receiving requests which do not utilize HTTP-compliant newlines... Three primary approaches are possible..."
- http://www.securityfocus.com/archive/1/archive/1/512144/100/0/threaded
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1575
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1576
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2629
CVSS v2 Base Score: 7.5 (HIGH)

 

[Cisco CDS vuln - update available]

FYI...

Cisco CDS vuln - update available
- http://secunia.com/advisories/40701/
Release Date: 2010-07-22
Criticality level: Moderately critical
Impact: Exposure of system information, Exposure of sensitive information
Where: From remote
Software: Cisco Content Delivery System 2.x
CVE Reference: CVE-2010-1577
... The vulnerability is reported in versions 2.2.x, 2.3.x, 2.4.x, and 2.5.x.
Solution: Update to version 2.5.7 or later.
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml
Last Updated: 2010 July 29 Revision 1.1 - "Updated Details and Workaround sections..."

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html
29-July-2010

- http://atlas.arbor.net/briefs/
July 23, 2010

 

[Multiple Cisco Advisories]

FYI...

Multiple Cisco Advisories
- http://isc.sans.edu/diary.html?storyid=9331
Last Updated: 2010-08-04 18:35:02 UTC

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances, impact is DoS.
Advisory ID: cisco-sa-20100804-asa
http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml

- http://securitytracker.com/alerts/2010/Aug/1024279.html
Aug 4 2010

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module, impact is DoS.
Advisory ID: cisco-sa-20100804-fwsm
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml

- http://securitytracker.com/alerts/2010/Aug/1024280.html
Aug 4 2010

 

[Cisco ACE vuln - update available]

FYI...

- http://www.cisco.com/en/US/products/products_security_advisories_listing.html

- http://tools.cisco.com/security/center/home.x

- http://tools.cisco.com/security/center/viewAllSearch.x

Cisco ACE vuln - update available
- http://www.cisco.com/warp/public/707/cisco-sa-20100811-ace.shtml
2010 August 11 - "The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine contain the following DoS vulnerabilities:
• Real-Time Streaming Protocol (RTSP) inspection DoS vulnerability
• HTTP, RTSP, and Session Initiation Protocol (SIP) inspection DoS vulnerability
• Secure Socket Layer (SSL) DoS vulnerability
• SIP inspection DoS vulnerability
Cisco has released free software updates for affected customers. Workarounds that mitigate some of the vulnerabilities are available.
Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another..."

Cisco WCS SQL Injection - update available
- http://www.cisco.com/warp/public/707/cisco-sa-20100811-wcs.shtml
2010 August 11 - "Cisco Wireless Control System (WCS) contains a SQL injection vulnerability that could allow an authenticated attacker full access to the vulnerable device, including modification of system configuration; create, modify and delete users; or modify the configuration of wireless devices managed by WCS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability..."

Cisco IOS TCP vuln
- http://secunia.com/advisories/40958/
Release Date: 2010-08-13
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Operating System: Cisco IOS 15.0
CVE Reference: CVE-2010-2827
Original Advisory:
- http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml

- http://securitytracker.com/alerts/2010/Aug/1024322.html
- http://securitytracker.com/alerts/2010/Aug/1024321.html
- http://securitytracker.com/alerts/2010/Aug/1024335.html