November 29, 2014

Cisco Releases Details of Vulnerability in Cisco TelePresence Recording Server Software

(LiveHacking.Com) — Cisco has released a security advisory and a corresponding applied mitigation bulletin to address vulnerabilities in the Cisco TelePresence Recording Server Software Release 1.7.2.0. Cisco TelePresence is an in-person communication and collaboration tool.

According to Cisco, Version 1.7.2.0 of its TelePresence Recording Server Software includes a root administrator account that is enabled by default. Successful exploitation of this vulnerability could allow a remote attacker to log in with these default credentials over an SSH session and modify the system configuration and settings.

Cisco’s workaround involves the use of infrastructure access control lists (iACLs) to perform policy enforcement of traffic sent to the equipment. Administrators can construct an iACL to explicitly allow only authorized traffic to be sent to the infrastructure devices. However, Cisco points out that the iACL workaround cannot provide complete protection against this vulnerability when the attack originates from a trusted source address.
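As an added illustration (not taken from the Cisco advisory or bulletin), the following infrastructure ACL in Cisco IOS syntax restricts SSH to the recording server to a single management network; the addresses 192.0.2.10 (recording server) and 203.0.113.0/24 (management network) and the interface name are constructed placeholders. As the advisory notes, a connection from a host inside the permitted range is still accepted, so the ACL narrows exposure but does not remove the default account.

```cisco
! Constructed example: 192.0.2.10 = TelePresence Recording Server,
! 203.0.113.0/24 = authorized management network (placeholders, not real values)
ip access-list extended IACL-TELEPRESENCE-RS
 remark Permit SSH to the recording server only from the management network
 permit tcp 203.0.113.0 0.0.0.255 host 192.0.2.10 eq 22
 remark Drop and log every other SSH attempt toward the recording server
 deny tcp any host 192.0.2.10 eq 22 log
 remark Other traffic is left to existing policy (tighten as required)
 permit ip any any
!
! Apply inbound on the interface facing untrusted networks (placeholder name)
interface GigabitEthernet0/1
 description Uplink toward untrusted networks
 ip access-group IACL-TELEPRESENCE-RS in
```

The `log` keyword on the deny entry produces syslog records for blocked SSH attempts, which gives operators a detection signal while the account remains enabled.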

Cisco Content Delivery System Internet Streamer: Web Server Vulnerability

Cisco has issued a security advisory for its Cisco Content Delivery System (Cisco CDS). The web server component of the Cisco Internet Streamer application contains a vulnerability that can make the web server crash when processing specially crafted URLs. In response, Cisco has released a patch.

An unauthenticated attacker may be able to exploit this vulnerability to cause a denial-of-service condition on the web server running on the Service Engine. The device will remain operational, and the Web Engine will restart if the attack stops.


Vulnerability in CiscoWorks Server

A Cisco bug report warns of a critical vulnerability in the LAN Management Product CiscoWorks. According to the report, a buffer overflow in the web server module of the Common Services component allows for the injection and remote execution of arbitrary code. No prior authentication is required.


Source: [TheHSecurity]

Multiple Vulnerabilities in Security Appliances and Cisco Firewall Services Module

A Cisco security advisory warns of multiple vulnerabilities in its Cisco ASA 5500 Series Adaptive Security Appliances and in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers.

Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple vulnerabilities as follows:

  • Three SunRPC Inspection Denial of Service Vulnerabilities
  • Three Transport Layer Security (TLS) Denial of Service Vulnerabilities
  • Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerability
  • Crafted Internet Key Exchange (IKE) Message Denial of Service Vulnerability

Multiple vulnerabilities exist in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers that may cause the Cisco FWSM to reload after processing crafted SunRPC or certain TCP packets. Repeated exploitation could result in a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.

Please visit the following Cisco Security Advisory pages for software updates and more information:

http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml
