DarkFiber Consulting – IT Managed Services

Cisco Releases Security Advisory for Firewall Services Module

August 6th, 2010 . by DarkFiber Consulting

Cisco has released a security advisory to address multiple vulnerabilities in the Cisco Firewall Services Module. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Cisco security advisory cisco-sa-20100804-fwsm and apply any necessary updates to help mitigate the risks.

Cisco Releases Security Advisory for CDS Internet Streamer

August 6th, 2010 . by DarkFiber Consulting

Cisco has released a security advisory to address a vulnerability in the Cisco Internet Streamer application that is part of the Cisco Content Delivery System. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to obtain sensitive information, including password files and system logs. This information could be used to leverage subsequent attacks.

DarkFiber Consulting encourages users and administrators to review Cisco security advisory cisco-sa-20100721 and apply any necessary updates to help mitigate the risks.

Cisco Releases Multiple Security Advisories

March 1st, 2010 . by DarkFiber Consulting

Cisco has released three security advisories to address vulnerabilities.

Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service condition.

Security advisory, cisco-sa-20100217-asa, addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. These vulnerabilities may allow an attacker to gain unauthorized access to an affected system or cause a denial-of-service condition.

Security advisory, cisco-sa-20100217-csa, addresses multiple vulnerabilities in the Cisco Security Agent. These vulnerabilities may allow an attacker to execute arbitrary SQL commands, view and download arbitrary files, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and systems administrators to review Cisco security advisory cisco-sa-20100217-fwsm, cisco-sa-20100217-asa, and cisco-sa-20100217-csa and apply any necessary updates to mitigate the risks.

Cisco Releases Advisory for IronPort Encryption Appliance

March 1st, 2010 . by DarkFiber Consulting

Cisco has released an advisory to address multiple vulnerabilities in IronPort Encryption Appliance. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20100210-ironport and apply any necessary workarounds to help mitigate the risks. Additional information regarding these vulnerabilities can be found in Cisco Applied Mitigation Bulletin 111668.

Cisco Releases Security Advisory for IOS Software Vulnerabilities

July 30th, 2009 . by DarkFiber Consulting

Cisco has released a security advisory to address multiple vulnerabilities in IOS Software. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition when handling specific Border Gateway Protocol (BGP) updates. The advisory indicates that these vulnerabilities affect only Cisco IOS
Software with support for four-octet AS number space and BGP routing
configured.

DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20090729-bgp and apply any necessary updates to help mitigate the risks.

Cisco Releases Security Advisory for Vulnerabilities in Cisco Wireless LAN Controllers

July 30th, 2009 . by DarkFiber Consulting

Cisco has released a security advisory to address multiple vulnerabilities in Wireless LAN Controllers. The advisory addresses the following:

  • Malformed HTTP or HTTPS authentication response denial-of-service vulnerability.
  • SSH connections denial-of-service vulnerability.
  • Crafted HTTP or HTTPS request denial-of-service vulnerability.
  • Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability.

Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or gain full control over the Wireless LAN Controller.

DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20090727-wlc and apply any necessary updates or workarounds to help mitigate the risks.

Cisco Releases Advisory for Cisco PIX and ASA

October 23rd, 2008 . by DarkFiber Consulting

Cisco Security Advisory cisco-sa-20081022-asa was released to address multiple vulnerabilities in Cisco ASA and PIX. These vulnerabilities may allow an attacker to bypass authentication mechanisms or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20081022-asa and apply any necessary updates or workarounds to help mitigate the risks.

Cisco Releases Advisory for Cisco Unity

October 8th, 2008 . by DarkFiber Consulting

Cisco Security Advisory cisco-sa-20081008-unity was released to address a vulnerability in Cisco Unity, a voice and unified messaging platform. This vulnerability may allow an attacker to view and alter configuration parameters of the Cisco Unity server.

DarkFiber Consulting encourages users to do the following:

Cisco Releases Advisory and Security Response

September 5th, 2008 . by DarkFiber Consulting

Cisco has released a Cisco Security Advisory to address multiple vulnerabilities in Cisco PIX and ASA. These vulnerabilities may allow an attacker to cause a denial-of-service condition or obtain sensitive information. Additionally, Cisco has released a Security Response to address a vulnerability in Cisco Secure ACS. This vulnerability may allow an attacker to cause a denial-of-service condition on the affected system.

DarkFiber Consulting encourages users to review Cisco Security Advisory cisco-sa-20080903-asa, review Cisco Security Response document 107443, and apply any necessary workarounds or updates listed in those documents to help mitigate the risks.