lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201404301204.6.mxp@psirt.cisco.com>
Date: Wed, 30 Apr 2014 12:04:37 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence System MXP Series

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco TelePresence System MXP Series

Advisory ID: cisco-sa-20140430-mxp

Revision 1.0

For Public Release 2014 April 30 16:00  UTC (GMT)

Summary
=======

Cisco TelePresence System MXP Series Software contains the following vulnerabilities:
	Three SIP denial of service vulnerabilities
	Three H.225 denial of service vulnerabilities

Successful exploitation of these vulnerabilities may allow an attacker to cause system instability and the affected system to reload.

Note: This security advisory does not provide information about the OpenSSL TLS Heartbeat Read Overrun Vulnerability identified by CVE-2014-0160  (also known as Heartbleed).  For additional information regarding Cisco products affected by the Heartbleed vulnerability, refer to the Cisco Security Advisory available at the following link:  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

Cisco has released free software updates that address these vulnerabilities.
There are no workarounds that mitigate these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTYR4GAAoJEIpI1I6i1Mx3uZMP/R5dy6VQ54g0W2niaUcTStr9
s/7SAcSY9D2RIBB9P/Z11aA3gSa7a59Ee4Cx9BCw6oW+FEg1WkUS0zxYcMps4N7p
mAtdedibXPZzEkzkkAoWlJ9d7ZCzmcXRGtd1Q7xR/+5t/kDBRehcswyal5DF1zdZ
hTaOAem71bu0AMsR1TJqOPyvkL2Mo5HLdoX4USS+3NpFeRkd3n+W9L9Y1BZnJkZZ
UUABeFVt07pabCdx+XvLhwUZX4FlJ+VNPg8TTmZ3UyaRTzg+vzGW+ehnq430fivD
wuDvcUwqacJhKqneKRAcQwqHcYV//SCoWsfzKU6hmStbLLGuBWtPQCKIYf5AOGU0
omTsivEsMKsFYfY6QNuMZVxWBL4+2c/AZm1deqJGDK7acKlBDqPcMQh5ajUJhjAb
yFAxuD5328GF0qvuz+TdW70c/ycL1KBF5GGycQ/sBaLFICseGSUZB1sbbt2/zMig
I7WHVTRvMyYiaUpJWtC5SnVXw6JvdF6Jg2UznYZWSxW+aFzv6wlgfOHFHdSgr5Ut
FdwNXul2kQ2jEAIc/1/epV4c/JuAq2xniHqSPQ1vzEWhdht0YcxTnesiN6mLazF6
2lZl09JzjtiVo7HdnrKRnOXhw1fJ2lktVd5os6l2uGfE2cQ5jX43pFvD+vdBn5Z5
SBZPfxs0xeOXar+k1RfT
=ZX9C
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ