12 New Cisco Patches

Posted on September 26th, 2008 by Ryan Spanier

GSA Reference Number: AD080926-01

Simply Put: Cisco has announced twelve vulnerabilities in multiple Cisco products.  The vulnerabilities range from denial of service to, on some systems, remote exploitation.  If exploited, the denial of service issues will cause the device to reload.  Remote exploitation only affects the Cisco uBR10012 model devices.  For a comprehensive list of affected IOS versions, refer to the Cisco article linked below.  Gladiator will be reviewing all monitored client Cisco devices to determine what IOS version they are running.  If a device is out of date, it will be updated.

Attack Details:

The SANS Internet Storm Center (ISC) has an excellent overview of the vulnerabilities and the systems they affect.  Here’s a list of the affected devices:

  • Cisco IOS with IPS
  • Cisco IOS using SSL (secure-server, webvpn, etc.)
  • SIP services in Cisco IOS
  • Cisco Unified Communications Manager
  • Cisco IOS with MPLS VPN
  • Cisco IOS with MPLS Forwarding Infrastructure
  • Cisco 10000, uBR10012 and uBR7200 series devices
  • Cisco IOS with NAT SCCP Fragmentation Support
  • Cisco IOS with Firewall Application Inspection Control
  • Cisco IOS using L2TP

If you are running any of the above systems, refer to the Cisco and ISC articles below for details and patching instructions.

Countermeasures: Cisco has released IOS patches for each of the vulnerabilities listed above.  Do not attempt to apply these updates without assistance from your network support vendor, if applicable.  ISC has workaround information posted for each vulnerability as well.

Reference Links:
