Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL

The remote Cisco ONS device is running a software version known to be affected by multiple OpenSSL related vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce disclosure via the 'FLUSH+RELOAD' cache...

CVE-2014-2176

Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service NP chip and line card reload via malformed IPv6 packets, aka Bug ID CSCun71928...

CVE-2014-2176

Cisco IOS XR on ASR 9000 (4.1.2–5.1.1) with Trident-based line cards is affected by a vulnerability in parsing malformed IPv6 packets that can be exploited remotely to cause a denial of service (NP chip and line card reload). The issue stems from IPv6 handling and only affects Trident-based line ...

openSUSE Security Update : wireshark (openSUSE-SU-2013:0494-1)

wireshark was updated to 1.8.6 bnc807942 + vulnerabilities fixed : - The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 - The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 - The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 - The MS-MMS...

openSUSE Security Update : libgcrypt (openSUSE-SU-2013:1294-1)

libgcrypt was updated to 1.5.3 bnc831359 to fix a security issue, bugs and get some new features : Security issue fixed : - Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See . - contains changes from 1.5.2 - The upstream sources now contain the IDEA algorithm,...

openSUSE Security Update : apache2 (openSUSE-SU-2012:0212-1)

This update fixes several security issues in the Apache2 webserver. CVE-2011-3368, CVE-2011-4317: This update also includes several fixes for a modproxy reverse exposure via RewriteRule or ProxyPassMatch directives. CVE-2011-3607: Integer overflow in appregsub function resulting in a heap based...

openSUSE Security Update : wireshark (openSUSE-SU-2013:0947-1)

This update of wireshark includes several security and bug fixes. bnc820566 + vulnerabilities fixed : - The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-23 CVE-2013-2486 CVE-2013-2487 - The GTPv2 dissector could crash. wnpa-sec-2013-24 - The ASN.1 BER dissector could crash...

openSUSE Security Update : apache2-201202 (openSUSE-SU-2012:0314-1)

This update of apache2 fixes regressions and several security problems : bnc728876, fix graceful reload bnc741243, CVE-2012-0031: Fixed a scoreboard corruption shared mem segment by child causes crash of privileged parent invalid free during shutdown. bnc743743, CVE-2012-0053: Fixed an issue in...

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)

The remote Linux host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities

The remote Windows host has a version of IBM Global Security Kit prior to 7.0.4.50 / 8.0.14.43 / 8.0.50.20. It is, therefore, affected by the following vulnerabilities : - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm ECDSA that could allow nonce...

Cisco IOS XE Software PPPoE Denial of Service Vulnerability

A vulnerability in the PPP over Ethernet PPPoE processing code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device, which could lead to a denial of service DoS condition. The vulnerability is due to improper processing of certain...

CVE-2014-3284

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service device reload via a malformed PPPoE packet, aka Bug ID CSCuo55180...

Code injection

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service device reload via a malformed PPPoE packet, aka Bug ID CSCuo55180...

Cisco IOS Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in Link Layer Discovery Protocol LLDP in Cisco switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. The vulnerability is due to incorrect handling of malformed LLDP packets. An attacker could exploit this vulnerability by sending a...

CVE-2014-3269

Cisco IOS XE Software SNMP Denial of Service vulnerability (CVE-2014-3269) affects the SNMP module in IOS XE 3.5E. The issue arises from frequent polling of certain MIBs, which can allow an authenticated, remote attacker to cause a device reload (DoS) by sustained SNMP polling. Multiple connected...

CVE-2014-3269

The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service device reload by polling frequently, aka Bug ID CSCug65204...

CVE-2014-3264

Cisco Adaptive Security Appliance ASA Software 9.1.5 and earlier allows remote authenticated users to cause a denial of service device reload via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561...

Cisco IOS XE Software SNMP Denial of Service Vulnerability

A vulnerability in the SNMP module of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to frequent polling of certain MIBs on an affected device. An attacker could exploit this vulnerability by sending continuou...

Cisco Adaptive Security Appliance Software Crafter RADIUS Packets Denial of Service Vulnerability

A vulnerability in the implementation of the Remote Authentication Dial-in User Services RADIUS code of Cisco ASA Software could allow an authenticated, remote attacker to cause an affected system to reload. The vulnerability is due to insufficient validation of RADIUS packets including crafted...

Cisco IOS Software ScanSafe Vulnerability

A vulnerability in the content scanning module of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability occurs when processing HTTPS packets that need to be redirected to a ScanSafe tower. An attacker could exploit this...