Service Vulnerability | DarkFiber Consulting

Cisco Releases Multiple Security Advisories for IOS Vulnerabilities and Unified Communications Manager

October 14th, 2009 . by DarkFiber Consulting

Cisco has released multiple security advisories to address vulnerabilities in IOS Software and Unified Communications Manager. These vulnerabilities may allow an attacker to cause a denial-of-service
condition, buffer overflow, or access control list bypass.

DarkFiber Consulting encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.

cisco-sa-20090923-acl : Cisco IOS Software Object-group Access Control List Bypass Vulnerability
cisco-sa-20090923-auth-proxy : Cisco IOS Software Authentication Proxy Vulnerability
cisco-sa-20090923-cm : Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability
cisco-sa-20090923-cme : Cisco Unified Communications Manager Express Vulnerability
cisco-sa-20090923-h323 : Cisco IOS Software H.323 Denial of Service Vulnerability
cisco-sa-20090923-ios-fw : Cisco IOS Software Zone-Based Policy Firewall Vulnerability
cisco-sa-20090923-ipsec : Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
cisco-sa-20090923-ntp : Cisco IOS Software Network Time Protocol Packet Vulnerability
cisco-sa-20090923-sip : Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
cisco-sa-20090923-tls : Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
cisco-sa-20090923-tunnels : Cisco IOS Software Tunnels Vulnerability

Posted in Security Alerts | No Comments »
Tagged With: Access Control List • Acl Cisco • Authentication Proxy • Buffer Overflow • Cisco Acl • Cisco Ios Software • Cisco Security • Communications Manager • Denial Of Service • H323 • Internet Key Exchange • Necessary Updates • Network Time Protocol • Object Group • Protocol Packet • Resource Exhaustion • Service Vulnerability • Session Initiation Protocol • Software Object • Unified Communications

Cisco Releases Security Advisory for Vulnerabilities in Cisco Wireless LAN Controllers

July 30th, 2009 . by DarkFiber Consulting

Cisco has released a security advisory to address multiple vulnerabilities in Wireless LAN Controllers. The advisory addresses the following:

Malformed HTTP or HTTPS authentication response denial-of-service vulnerability.
SSH connections denial-of-service vulnerability.
Crafted HTTP or HTTPS request denial-of-service vulnerability.
Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability.

Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or gain full control over the Wireless LAN Controller.

DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20090727-wlc and apply any necessary updates or workarounds to help mitigate the risks.

Posted in Security Alerts | No Comments »
Tagged With: Address • Addresses • Attacker • Authentication • Cisco • Cisco Security Advisory • Cisco Wireless • Control • Denial Of Service • Full Control • Lan Controller • Lan Controllers • Necessary Updates • Service Vulnerability • Vulnerabilities • Vulnerability Exploitation • Wireless Lan • Wlc • Workarounds

Microsoft Releases Security Advisory 958963

October 27th, 2008 . by DarkFiber Consulting

Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.

Additional information regarding the Windows Server Service vulnerability is available in:

Microsoft Security Bulletin MS08-067
Vulnerability Note VU#827268
Current Activity Entry – Microsoft Releases Out-of-Band Security Bulletin MS08-067

Posted in Security Alerts | No Comments »
Tagged With: Arbitrary Code Execution • Current • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Microsoft Security Bulletin • Server Service • Service Vulnerability • Vulnerability Note • Windows 2000 • Windows 2000 Xp • Windows Server • Workarounds

Cisco Releases Security Alerts

September 24th, 2008 . by DarkFiber Consulting

Cisco has released multiple security alerts to address vulnerabilities in the Unified Communications Manager and IOS. These vulnerabilities may allow a remote unauthenticated attacker to cause a denial-of-service condition, obtain sensitive information, or operate with escalated privileges.

DarkFiber Consulting encourages users and administrators to review the following Cisco Alerts and apply any necessary updates to help mitigate the risks.

Posted in Security Alerts | No Comments »
Tagged With: Attacker • Cisco Ios • Cisco Software • Communications Manager • Control Protocol • Denial Of Service • Feature Service • Information Disclosure • Ipc Message • Memory Leak • Message Memory • Multiprotocol Label • Necessary Updates • Network Traffic • Protocol Label • Redundancy • Service Vulnerability • Session Initiation Protocol • Unified Communications • Virtual Private Network

DarkFiber Consulting – IT Managed Services

Client Login:

Username:

Password:

Recent Posts

Topics/Categories

Monthly Archives

Other Cool Sites:

Cisco Releases Multiple Security Advisories for IOS Vulnerabilities and Unified Communications Manager

Cisco Releases Security Advisory for Vulnerabilities in Cisco Wireless LAN Controllers

Microsoft Releases Security Advisory 958963

Cisco Releases Security Alerts