lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 10 Oct 2012 12:10:54 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Multiple Vulnerabilities in Cisco Firewall Services Module

Advisory ID: cisco-sa-20121010-fwsm

Revision 1.0

For Public Release 2012 October 10 16:00  UTC (GMT)
- ----------------------------------------------------------------------

Summary
=======

The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500
Series Switches and Cisco 7600 Series Routers is affected by the
following vulnerabilities:

DCERPC Inspection Buffer Overflow Vulnerability
DCERPC Inspection
Denial Of Service Vulnerabilities

These vulnerabilities are not interdependent; a release that is
affected by one vulnerability is not necessarily affected by the other.

Exploitation of these vulnerabilities could allow an unauthenticated,
remote attacker to trigger a reload of the affected device, or to
execute arbitrary commands.  Repeated exploitation could result in a
denial of service (DoS) condition.

Cisco has released free software updates that address these
vulnerabilities. There are no workarounds that mitigate these
vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

Note: The Cisco Catalyst 6500 Series ASA Services Module, and the
Cisco ASA 5500 Series Adaptive Security Appliance may also be affected
by these vulnerabilities.

The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA
Services Module and Cisco ASA 5500 Series Adaptive Security Appliance
have been disclosed in a separate Cisco Security Advisory. The
Advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlB1h6AACgkQUddfH3/BbTrdbQD/WPf0vA8pJbKyFgfDQ0rol2r4
AAAdCeOQlELptysCaYsBAIZP/vuW1jX43H6pLgx9xBum9wcNBvhzG1m9Bip+nGbH
=e0NQ
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ