lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <201307171206.10.ips@psirt.cisco.com>
Date: Wed, 17 Jul 2013 12:06:42 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: full-disclosure@...ts.grok.org.uk
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities
	in Cisco Intrusion Prevention System Software

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Advisory ID: cisco-sa-20130717-ips

Revision 1.0

For Public Release 2013 July 17 16:00  UTC (GMT)
+---------------------------------------------------------------------

Summary
=======

Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities:

	Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability
	Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability
	Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability
	Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability

The Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the MainApp process to become unresponsive.

The Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive due to memory corruption or could cause the reload of the affected system. 

The Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause a reload of a Cisco Intrusion Prevention System Network Module Enhanced (IPS NME).

The Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the kernel of the Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Module to become unresponsive.

Successful exploitation of any of these vulnerabilities could result in a denial of service (DoS) condition.

Cisco has released free software updates that address all the vulnerabilities in this advisory with the exception of the Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability. Customers running a vulnerable version of the Cisco IDSM-2 Module should refer to the "Workarounds" section of this advisory for available mitigations. 

Workarounds that mitigate the Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability and Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability are available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlHmuDoACgkQUddfH3/BbTqVGgD9GUaZyGJh2MeFZcpsPu/IkyvC
xtlb3R3Sbmc/puaRP6UBAIsCRAdxcjhBriR9wdq5AZ44SdrytmlkJMWw5/+pvxhN
=3Yzq
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ