Section: .. / advisories / cisco /
| /// File Name: |
cisco.ssh.advisory.txt |
Description:
|
Cisco Security Advisory - Exploitation of the CRC 32 overflow can cause some Cisco devices to reboot. This vulnerability affects all devices running Cisco IOS Software supporting SSH, Cisco Catalyst 6000 switches running CatOS, Cisco PIX Firewall's and the Cisco 11000 Content Service Switch family.
| | Homepage: | http://www.cisco.com | | File Size: | 29921 | | Last Modified: | Jul 3 08:29:26 2002 |
| MD5 Checksum: | 992e4b18bd52d919e0beb5718654e265 |
|
| /// File Name: |
ios-snmp-community-vulns-pub.txt |
Description:
|
Cisco Security Advisory - Many IOS and CatOS releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices. To fix, install the free upgrade or block UDP port 161.
| | Homepage: | http://www.cisco.com | | File Size: | 29584 | | Last Modified: | Mar 2 22:30:53 2001 |
| MD5 Checksum: | d4e9d6200eee994707a7fb10f80484c3 |
|
| /// File Name: |
cisco.00-05-14.http |
Description:
|
A defect in multiple releases of Cisco IOS software will cause a Cisco router or switch to halt and reload if the IOS HTTP service is enabled and browsing to "http:///%%" is attempted. This defect can be exploited to produce a denial of service (DoS) attack. This defect has been discussed on public mailing lists and should be considered public information.
| | Homepage: | http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml | | File Size: | 29196 | | Last Modified: | May 17 22:44:07 2000 |
| MD5 Checksum: | 177d2675ccf94d2117289316882510d8 |
|
| /// File Name: |
cisco.98-09-11.pix_cbac_frag |
Description:
|
Cisco PIX and CBAC Fragmentation Attack
| | File Size: | 26914 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | c3d2ebbf070779efc6b7db27791ca234 |
|
| /// File Name: |
cisco.99-01-11.ios_crash |
Description:
|
cisco.99-01-11.ios_crash
| | File Size: | 26202 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | 9b487478f949e76271087ba2247f40dc |
|
| /// File Name: |
cisco.98-11-05.access_list_leak |
Description:
|
Cisco IOS DFS Access List Leakage
| | File Size: | 26018 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | bcf0867cb4f25bced43607c4f97cd7ef |
|
| /// File Name: |
cisco.99-04-13.input_access_list |
Description:
|
Cisco IOS(R) Software Input Access List Leakage with NAT
| | File Size: | 25823 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | 385df517d29bb1a8feeb36f94598a3c3 |
|
| /// File Name: |
cisco.01-11-14.12xxx.ACL |
Description:
|
Cisco Security Advisory - Six vulnerabilities involving ACLs have been discovered in multiple releases of Cisco IOSR Software Release for Cisco 12000 Series Internet Routers.
| | Homepage: | http://www.cisco.com | | File Size: | 19564 | | Last Modified: | Nov 15 07:47:27 2001 |
| MD5 Checksum: | 680b74148f9c721169d492e5e6d90534 |
|
| /// File Name: |
cisco.00-04-20.telnet |
Description:
|
Cisco Security Advisory: Cisco IOS Software TELNET Option Handling Vulnerability. A defect in multiple Cisco IOS software versions will cause a Cisco router to reload unexpectedly when the router is tested for security vulnerabilities by security scanning software programs. The defect can be exploited repeatedly to produce a consistent denial of service (DoS) attack. Vulnerable releases include 11.3AA, 12.0(2) up to and including 12.0(6), and 12.0(7).
| | File Size: | 17594 | | Last Modified: | Apr 23 11:48:01 2000 |
| MD5 Checksum: | 27305612e78c4c70907ce2f5433761ed |
|
| /// File Name: |
cisco.01-11-14.12xxx.icmp |
Description:
|
Cisco Security Advisory - A vulnerability causing performance degradation on Cisco 12000 series routers when receiving large numbers of ICMP Unreachable packets has been discovered.
| | Homepage: | http://www.cisco.com | | File Size: | 17004 | | Last Modified: | Nov 15 07:52:33 2001 |
| MD5 Checksum: | 9d945b095955cb7d2951b1f559648487 |
|
| /// File Name: |
cisco.98-10-14.ios_command_history |
Description:
|
cisco.98-10-14.ios_command_history
| | File Size: | 16898 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | 155476f384d623fdfb1c0a527f787fb2 |
|
| /// File Name: |
cisco.pix-ftp.txt |
Description:
|
The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.
| | Homepage: | http://www.cisco.com | | File Size: | 15068 | | Last Modified: | Mar 20 22:04:00 2000 |
| MD5 Checksum: | de9c219fb628efe10d5cdecd1afde90a |
|
| /// File Name: |
cisco.00-09-21.ciscosecure_acs |
Description:
|
Cisco Security Advisory - This advisory highlights three vulnerabilities found in the CiscoSecure Access Control Server for Windows NT. The first bug is a buffer overflow in the CSAdmin module that allows a malicious user to execute arbitrary code or crash the module by sending an oversized packet to TCP port 2002. The second vulnerability involves sending an oversized TACACS+ packet to the CiscoSecure ACS thereby creating an unstable condition within the system conducive to denial of service attacks. Lastly, the enable password can be bypassed to gain unauthorized access to a router or switch if the interaction is between an LDAP server that allows null passwords and a CiscoSecure ACS for Windows NT. All releases of CiscoSecure ACS for Windows NT Server up to and including 2.1(x), 2.3(3), and 2.4(2) are vulnerable. CiscoSecure ACS for UNIX is not affected.
| | Homepage: | http://www.cisco.com | | File Size: | 14817 | | Last Modified: | Sep 22 21:59:09 2000 |
| MD5 Checksum: | f911feded42207577565c591a9f00715 |
|
| /// File Name: |
cisco.99-03-11.7xx_tcp_http |
Description:
|
cisco.99-03-11.7xx_tcp_http
| | File Size: | 12535 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | 5fc4770b21cc75ceb781c269c8ac4c01 |
|
| /// File Name: |
cisco.99-03-24.sv_remote_reload |
Description:
|
cisco.99-03-24.sv_remote_reload
| | File Size: | 12175 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | eb6841dc82bc52406ffb9638374b03ac |
|
| /// File Name: |
cisco.00-08-03.gigabit |
Description:
|
Cisco Security Advisory - A defect in Cisco IOS Software running on all models of Gigabit Switch Routers (GSRs) configured with Gigabit Ethernet or Fast Ethernet cards may cause packets to be forwarded without correctly evaluating configured access control lists (ACLs). In addition to circumventing the access control lists, it is possible to stop an interface from forwarding any packets, thus causing a denial of service. There is no workaround - Customers are urged to upgrade to unaffected versions of software as soon as possible.
| | Homepage: | http://www.cisco.com | | File Size: | 11939 | | Last Modified: | Aug 4 02:40:01 2000 |
| MD5 Checksum: | 27ef81cd0e03f8f503abba3d498f04ef |
|
| /// File Name: |
cisco.00-07-11.tcpreset |
Description:
|
Cisco Secure PIX Firewall TCP Reset Vulnerability - The Cisco Secure PIX Firewall cannot distinguish between a forged TCP Reset (RST) packet and a genuine TCP RST packet because the sequence number is not checked. Any TCP/IP connection established through the Cisco Secure PIX Firewall can be terminated by a third party from the untrusted network if the connection can be uniquely determined. If only source ip / destination ip / destination port are known, a RST packet can be sent with each source port.
| | Homepage: | http://www.cisco.com/warp/public/707/sec_incident_response.shtml | | File Size: | 11676 | | Last Modified: | Jul 22 08:39:50 2000 |
| MD5 Checksum: | 0d51fab0034e2a9fac7169070d05a8a2 |
|
| /// File Name: |
cisco-ip-telephone.txt |
Description:
|
Cisco Security Advisory - Multiple Vulnerabilities in Cisco IP Telephones. Bugs found in the Cisco IP Telephones can result in denial of service conditions and allow unauthorized access to the configuration settings of the Cisco IP Phone models 7910, 7940, and 7960.
| | Homepage: | http://www.cisco.com/warp/public/707/advisory.html | | File Size: | 11592 | | Last Modified: | May 24 09:42:30 2002 |
| MD5 Checksum: | 5be4f91e288a97ccb48243948ce0260c |
|
| /// File Name: |
cisco.99-12-15.cache |
Description:
|
Cisco Advisory - Cisco Cache Engine Authentication Vulnerabilities. A vulnerability exists that could allow an unauthorized person to substitute arbitrary material in place of legitimate content for a specified website. This arbitrary content would be viewable only by users of the affected (or "polluted") Cache Engine. A second vulnerability exists that could allow unauthorized persons to view performance information via the web interface of the Cache Engine. A third vulnerability existed that allowed a null username and password pair to be accepted as valid authentication credentials.
| | File Size: | 11471 | | Last Modified: | Dec 17 02:25:12 1999 |
| MD5 Checksum: | 9075f846ea075d9a186e5105fad23052 |
|
| /// File Name: |
cisco-vpn-client.txt |
Description:
|
Cisco Security Advisory - A buffer overflow in the Cisco VPN Clients for Linux, Solaris, and Mac OS X platforms can be exploited locally to gain local root access. This is fixed in v3.5.2.
| | Homepage: | http://www.cisco.com | | File Size: | 10689 | | Last Modified: | Jun 20 10:00:30 2002 |
| MD5 Checksum: | a62ed0a23d87903525d301700049ea09 |
|
| /// File Name: |
transparentcache-tcp-relay-vuln-pub..> |
Description:
|
Cisco Security Advisory - Cisco Cache Engines and Content Engines provide a transparent cache for world wide web pages retrieved via HTTP. The default configuration of the proxy feature can be abused to open a TCP connection to any reachable destination IP address and hide the true IP source address of the connection allowing for anonymous port scanning, dos attacks, spam, etc.
| | Homepage: | http://www.cisco.com | | File Size: | 10330 | | Last Modified: | May 19 08:55:55 2002 |
| MD5 Checksum: | d7f5a2dacc30f1f3432c87d240e4cc7f |
|
| /// File Name: |
cisco-sa-20031202-SNMP-trap.txt |
Description:
|
Cisco Security Advisory 20031202 - Cisco Aironet Access Points (AP) running Cisco IOS software will send any static Wired Equivalent Privacy (WEP) key in the cleartext to the Simple Network Management Protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. Cisco Aironet 1100, 1200, and 1400 series are affected, but the command is disabled by default.
| | Homepage: | http://www.cisco.com/security | | File Size: | 9606 | | Last Modified: | Dec 3 04:43:00 2003 |
| MD5 Checksum: | 65518f0742d4bd46b464f831a968adf3 |
|
| /// File Name: |
cisco-cbos-dos.txt |
Description:
|
Cisco Security Advisory - Three new denial of service vulnerabilities involving large packets have been found in Cisco routers that are running the CBOS software. This affects the following Cisco devices: 605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i and 678.
| | Homepage: | http://www.cisco.com/warp/public/707/advisory.html | | File Size: | 9033 | | Last Modified: | May 25 19:52:04 2002 |
| MD5 Checksum: | e15833ccbf8a5ab9f5a58121cdd65b31 |
|
| /// File Name: |
cisco.99-08-19.acs |
Description:
|
cisco.99-08-19.acs
| | File Size: | 9008 | | Last Modified: | Sep 23 05:48:10 1999 |
| MD5 Checksum: | b6e1e092db3ed20d45647bbf0fba19cc |
|
| /// File Name: |
css-http-post-pub.txt |
Description:
|
Cisco Security Advisory - The Cisco Content Service Switch (CSS) 11000 series switches are susceptible to a denial of service attack caused by a soft reset due to improper handling of HTTP POST requests to the web management interface.
| | Homepage: | http://www.cisco.com | | File Size: | 8962 | | Last Modified: | May 19 08:57:17 2002 |
| MD5 Checksum: | c5528c55d4552fbdeb5192f1a05a8c64 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
