lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <201410151158.6.vcs@psirt.cisco.com>
Date: Wed, 15 Oct 2014 11:58:25 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: bugtraq@...urityfocus.com
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software

Advisory ID: cisco-sa-20141015-vcs

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

Revision 1.0

For Public Release 2014 October 15 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software includes the following vulnerabilities:

    Cisco TelePresence VCS and Cisco Expressway Crafted Packets Denial of Service Vulnerability
    Cisco TelePresence VCS and Cisco Expressway SIP IX Filter Denial of Service Vulnerability
    Cisco TelePresence VCS and Cisco Expressway SIP Denial of Service Vulnerability

Succesfull exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the affected system, which may result in a Denial of Service (DoS) condition.

Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVD6P+4pI1I6i1Mx3AQLo3w//b7W6uaV0LtUS6ij/XXH0YhnSHJqwTJvZ
5DNBjIAuHDBW53An4CU9dAEyjRLQSEgmGS5eLLCQtw2HuPWCTLxaAl+2CTVeKsZs
6afHx9OKYiMGlHQuZiAYupB5xjqhLTXpo0XgHZsgn+PBmhlcg6DE8l6EHEGZEAJJ
Em4WQszSN8mKVqgD6r2ZcK7atQ6TFVTOxjxTTF8DeC/il5kC4XuUR/apBu2VqltY
HrNnNQ0lEUQSEI/veCpVQqC6QPioFP7Fjg38FCi5bi/AtSTZyLvHRt4gakNNeDMc
t6oGHiYexDJnrTyNxZI3YbIZQOTLahHJajt8ZU837VTB/bUI8ULNptTw3TnObPdp
OQU/ah/moLNsaD+oyHqQyaO01KdZbZAAXNm11hRulfhXj/1Yjxy0Nft6Bi1v/l6m
HlrFTzD9F705A1li3cVkVc5Yv8kiD4TtK/tUTPRg/3lb/Dxkntui5LIglurft3OC
uDCnLLBL6vNrhjXz+JNgiRjE4H9CEU8qk6lR9Dhkzgc2OAb/+TcB3RdAtDlNrsIO
9zr8FxhufzUHgTrikUL3Kan23AcDNK1myLVyUY/3wfW4grdmLECFr3PNccohIMTC
d0BkAacqacMiyBkD6AZibAiBYYomCNnAsRTKZedeHZTgch+YVXJrl9f6NRpGFW1W
V7PLGyasDgU=
=21uO
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ