US-CERT Technical Cyber Security Alert TA08-087B -- Cisco Updates for Multiple Vulnerabilities

28/03/08, US-CERT Technical Cyber Security Alert TA08-087B -- Cisco Updates for Multiple Vulnerabilities
From: CERT Advisory <cert-advisory@cert.org>

Generated by MHonArc

CSIM Logo WelcomeCourses
Faculty, Student, Staff
Projects and reports
Conferences, workshop and seminars
Laboratories and reasearch facilities
Information related to CSIM
Information non-related to CSIM
Address, map, phone, etc.
Search

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


To: cert-advisory@cert.org
Subject: US-CERT Technical Cyber Security Alert TA08-087B -- Cisco Updates for Multiple Vulnerabilities
From: CERT Advisory <cert-advisory@cert.org>
Date: Thu, 27 Mar 2008 16:05:55 -0400
List-archive: <http://www.cert.org/>
List-help: <http://www.cert.org/>, <mailto:Majordomo@cert.org?body=help>
List-owner: <mailto:cert-advisory-owner@cert.org>
List-post: NO (posting not allowed on this list)
List-unsubscribe: <mailto:Majordomo@cert.org?body=unsubscribe%20cert-advisory>
Organization: CERT(R) Coordination Center - +1 412-268-7090

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

        National Cyber Alert System

   Technical Cyber Security Alert TA08-087B


Cisco Updates for Multiple Vulnerabilities

   Original release date: March 27, 2007
   Last revised: --
   Source: US-CERT


Systems Affected

     * Cisco IOS


Overview

   Cisco has released Cisco Security Advisory cisco-sa-20080326-bundle to
   correct  multiple vulnerabilities affecting Cisco IOS. Attackers could
   exploit  these vulnerabilities to access sensitive information
   or cause a denial of service.


I. Description

   Cisco  Security Advisory cisco-sa-20080326-bundle addresses
   a  number  of vulnerabilities affecting Cisco IOS 12.0, 12.1,
   12.2,  12.3, and 12.4.  Further details are available  in  the US-CERT
   Vulnerability Notes Database.


II. Impact

   The  impacts  of  these  vulnerabilities  vary. Potential consequences
   include disclosure  of  sensitive  information  and denial of service.


III. Solution

Upgrade

   These   vulnerabilities  are  addressed  in  Cisco  Security  Advisory
   cisco-sa-20080326-bundle.


IV. References

     * US-CERT Vulnerability Notes -
       <http://www.kb.cert.org/vuls/byid?searchview&query=cisco-sa-20080326-bundle>

     * Cisco     Security     Advisory     cisco-sa-20080326-bundle     -
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml>

     * Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network
       Denial of Service Vulnerability -
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml>

     * Cisco   Security   Advisory:   Multiple  DLSw  Denial  of  Service
       Vulnerabilities in Cisco IOS -
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml>

     * Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery
       Issue For IPv4/IPv6 Dual-stack Routers -
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml>

     * Cisco  Security  Advisory:  Vulnerability  in Cisco IOS with OSPF,
       MPLS  VPN,  and  Supervisor  32,  Supervisor  720, or Route Switch
       Processor 720 - 
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml>

     * Cisco  Security  Advisory:  Cisco  IOS  Multicast  Virtual Private
       Network (MVPN) Data Leak -
       <http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml>

 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/techalerts/TA08-087B.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert@cert.org> with "TA08-087B Feedback VU#936177" in the
   subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
 ____________________________________________________________________

   Produced 2008 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


   Revision History

   March 27, 2008: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR+vjW/RFkHkM87XOAQLjnQf+PgUTq9wrF8th28Ur2qUgViOGFbNOzwbp
1Awp1ygPnGsT2BVBdwo7ugfuQXMHiz8rnG/7Ovf5prr3FjI6I/3XRMFTpS/ZmF1W
m0e6H+vhJSmvJp02a4X9Rzm8Rq9jYda7SJHAFiiblxMSKOuOn2bKpOPxyrhnZmcA
UsuFp5A4mHoMqi4LWO0XqCTBzC1r3myx9j3dVg0yJ0LuIvYWUoqOsHI1ywG+ryLO
MfSbpvFgbfU5pn3e61hS++oIpOjmlLuRdu1o/2vHizqcUSfhKx2ccdOUG0c2Opr/
oabL6WpJHRePXbz1jdOPHGVPVH/6OVVSr+L2Ug1Qd8hBLwwbcfGweQ==
=pX05
-----END PGP SIGNATURE-----

Previous message sorted by date: US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities
Next message sorted by date: US-CERT Technical Cyber Security Alert TA08-087A -- Mozilla Updates for Multiple Vulnerabilities
Previous message sorted by thread: US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities
Next message by thread: US-CERT Technical Cyber Security Alert TA08-087A -- Mozilla Updates for Multiple Vulnerabilities
Main Index
Thread Index

CSIM home pageWMailAccount managementCSIM LibraryNetwork test toolsSearch CSIM directories
Contact us: Olivier Nicole CSIM    SET    AIT Last update: Mar 2008