Cisco IP Phone Session Initiation Protocol Denial of Service Vulnerability
Cisco 7940 and 7960 IP Phones with firmware versions 8.6 and prior contain a vulnerability when handling a series of SIP messages that could allow an attacker on the Voice VLAN to cause the phone to fail and restart. This vulnerability exists due to insufficient handling of certain sets of...
Local Privilege Escalation Vulnerabilities in Cisco VPN Client
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Unified MeetingPlace Template Cross-Site Scripting Vulnerability
Cisco Unified MeetingPlace versions prior to 5.3.235.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability exists due to insufficient filtering of parameters by Cisco Unified MeetingPlace. An unauthenticated,...
Information Leakage Using IPv6 Routing Header in Cisco IOS and Cisco IOS-XR
Cisco IOS and Cisco IOS XR contain a vulnerability when processing specially crafted IPv6 packets with a Type 0 Routing Header present. Exploitation of this vulnerability can lead to information leakage on affected IOS and IOS XR devices, and may also result in a crash of the affected IOS device...
Cisco IOS Next Hop Resolution Protocol Vulnerability
Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
Cisco IOS Secure Copy Authorization Bypass Vulnerability
Wireless ARP Storm Vulnerabilities
Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software
Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities
Cisco Unified Communications Manager Overflow Vulnerabilities
Cisco Trust Agent Local Privilege Escalation Vulnerability
Cisco Trust Agent versions 2.1103 and prior contain a vulnerability when running on Apple Mac OS X that could allow an unauthenticated, local user to bypass security restrictions and gain unauthorized access to the affected system. This vulnerability exists due to improper display of user...
Cisco CallManager Web Interface Input Validation Bypass Vulnerability
Cisco CallManager versions 4.31 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and conduct cross-site scripting attacks. This vulnerability exists due to insufficient sanitization of user-supplied input to the CallManager web...
Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets
A Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device. Successful repeated exploitation of any of these...
Vulnerability In Crypto Library
Multiple Vulnerabilities in the IOS FTP Server
The Cisco IOS FTP Server feature contains multiple vulnerabilities that can result in a denial of service (DoS) condition, improper verification of user credentials, and the ability to retrieve or write any file from the device filesystem, including the device's saved configuration. This...
Cisco PIX/ASA DHCP Relay Agent Memory Leak Vulnerability
Cisco PIX and Adaptive Security Appliance (ASA) software versions 7.21 through 7.22.14 contain a vulnerability that could allow an unauthenticated, remote attacker to cause an affected device to stop forwarding traffic. This vulnerability exists due to an error when handling specific DHCP packets...
LDAP and VPN Vulnerabilities in PIX and ASA Appliances
Default Passwords in NetFlow Collection Engine
Cisco Wireless Control System Privilege Escalation Vulnerability
Cisco Wireless Control System (WCS) versions prior to 4.0.87.0 contain a vulnerability that could allow an authenticated, remote attacker to gain escalated privileges on the affected system. This vulnerability exists due to insufficient access controls on the Cisco WCS configuration page used to...
Multiple Vulnerabilities in the Cisco Wireless Control System
Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points
Cisco Unified CallManager and Unified Presence Server ICMP Echo Request Handling Denial of Service Vulnerability
Cisco Unified CallManager and Unified Presence Server contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability exists due to improper handling of excessive amounts of ICMP echo requests. An attacker could exploit...
Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities
Cisco IP Phone SIP INVITE Message Denial of Service Vulnerability
Cisco 7940 and 7960 IP phones with firmware version 7.4 contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability exists due to an error within the handling of malformed SIP INVITE messages. An attacker could exploit...
Cisco Online Help System Cross-Site Scripting Vulnerability
Multiple Cisco products contain a vulnerability in the Online Help System that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability exists because the search feature of the web-based Online Help System interface fails to sufficiently filter...
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability
Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System (IOS) are vulnerable to an attack from a Multi Protocol Label Switching (MPLS) packet. Only the systems that are running in Hybrid Mode Catalyst OS (CatOS) software on the Supervisor Engine and I...
Multiple Vulnerabilities in 802.1X Supplicant
Cisco Unified IP Conference Station and IP Phone Vulnerabilities
Cisco PIX and ASA LOCAL Method Privilege Escalation Vulnerability
Cisco PIX 500 Series Security Appliances and Cisco ASA 5500 Series Adaptive Security Appliances (ASA) contain a vulnerability that could allow an authenticated, remote attacker to gain elevated privileges on the device. The vulnerability only exists on devices using LOCAL method for user...
Cisco Firewall Services Module, PIX and ASA SIP Message Denial of Service Vulnerability
Cisco Firewall Services Module, PIX Security Appliance, and ASA Security Appliance contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability exists due to an error when handling SIP messages. An unauthenticated, remo...
Cisco PIX and ASA TCP Traffic Inspection Denial of Service Vulnerability
Cisco PIX 500 Series Security Appliances and Cisco ASA 5500 Series Adaptive Security Appliances (ASA) contain a vulnerability that could allow an unauthenticated, remote attacker to crash an affected device, causing a denial of service (DoS) condition. This vulnerability exists due to insufficient...
Cisco Firewall Services Module, PIX, and ASA Malformed HTTP Requests Denial of Service Vulnerability
Cisco Firewall Services Module, Cisco PIX Security Appliance, and Cisco Adaptive Security Appliance (ASA) contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability exists due to an error within the handling of malforme...
Cisco Firewall Services Module HTTPS Traffic Temporary Denial of Service Vulnerability
Cisco Firewall Services Module versions prior to 3.13.11 contain a vulnerability that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to an error when the embedded HTTPS server handles certain types of requests. An...
Cisco Firewall Services Module HTTPS Request Denial of Service Vulnerability
Cisco Firewall Services Module versions prior to 3.13.18 contain a vulnerability that could allow an unauthenticated, remote attacker to create a temporary denial of service (DoS) condition. The vulnerability is due to an error when handling malformed HTTPS requests on devices that are configured t...
Multiple Vulnerabilities in Cisco PIX and ASA Appliances
...
Multiple Vulnerabilities in Firewall Services Module
...
Multiple IOS IPS Vulnerabilities
The Intrusion Prevention System (IPS) feature set of Cisco IOS® contains several vulnerabilities. These include: Fragmented IP packets may be used to evade signature inspection. IPS signatures utilizing the regular expression feature of the ATOMIC.TCP signature engine may cause a router to crash...
SIP Packets Reload IOS Devices with support for SIP
Cisco devices running an affected version of Internetwork Operating System (IOS) which supports Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the device when receiving a specific series of packets destined to port 5060. This issue is compounded by a...
Crafted IP Option Vulnerability
Crafted TCP Packet Can Cause Denial of Service
Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070124-crafted-tcp...
IPv6 Routing Header Vulnerability
...
Cisco Security Monitoring, Analysis and Response System and Adaptive Security Device Manager Secure Communication Vulnerability
Cisco Security Monitoring, Analysis and Response System versions prior to 4.2.3 and Cisco Adaptive Security Device Manager versions prior to 5.22.1 contain a vulnerability that could allow an unauthenticated, remote attacker to impersonate a device managed by the system. The vulnerability exists...
SSL/TLS Certificate and SSH Public Key Validation Vulnerability
...
Cisco Unified Contact Center and IP Contact Center JTapi Gateway Denial of Service Vulnerability
Cisco Unified Contact Center and Cisco IP Contact Center versions 5.0, 6.0, 7.0, and 7.1 contain a vulnerability that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to insufficient handling of unexpected connections. An...
Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability
...
DLSw Vulnerability
A vulnerability exists in the Data-link Switching (DLSw) feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...
Cisco Secure Access Control Server Access-Request Handling Denial of Service Vulnerability
Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability exists due to insufficient handling of malformed RADIUS...
Cisco Secure Access Control Server Accounting-Request Buffer Overflow Vulnerability
Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine contain a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists due to insufficient input...