Cisco issued four security notices - not security advisories - recently to alert users of "low- to mid-level severity" security issues involving the company's IOS XR software, Unified Computing System server, ASA firewalls and wireless LAN controllers. The notices were first reported by Threatpost.com.
A Cisco security notice differs from a security advisory in that the notices deal with vulnerabilities Cisco deems to be low severity or "mid-level" severity. Advisories are apparently issued for higher level vulnerabilities discovered during product service and support, internal testing, or by customers or researchers.
With security advisories, Cisco usually proactively issues free software upgrades to fix the vulnerability or publishes workarounds to mitigate it. Not so with the security notice - Cisco leaves it to the customer to contact their support channels for software upgrades that are not free.
[COMING SOON: Could this be Cisco's Internet of Everything router?]
The IOS XR vulnerability involves the Routing Information Protocol, and could allow an unauthenticated, remote attacker to cause the RIP process to crash. The vulnerability is due to insufficient input validations of the packet that an attacker could exploit by sending a crafted RIP version 2 packet.
The UCS hole has to do with a memory leak situation in the 6100 series Fabric Interconnects. The vulnerability is due to not releasing memory after execution of either the show monitor session all or show monitor session CLI commands if a Switched Port Analyzer session is not configured.
An attacker could exploit this vulnerability by executing either the show monitor session all or the show monitor session locally on the device, which would cause the device to exhaust its memory and reset, according to the security notice.
The ASA vulnerability could allow an unauthenticated, remote attacker to fill the connection table in the ASA and prevent new connections to be established through the device. The vulnerability is due to the ASA not honoring the idle timeout for some protocol inspected connections. If an attacker sends several crafted requests for one or more protocols configured for inspection, the ASA firewall could stop accepting new connections, resulting in a denial of service condition.
The wireless LAN controller glitch is also a DoS condition that could be executed through the device's Web Administrator Interface. The vulnerability is due to a failure to properly validate certain parameters prior to processing them on the device, the notice states.
An authenticated attacker with an account that is a member of either the Full Manager, Read Only or Lobby Ambassador managers group could exploit this vulnerability by submitting a request to the affected device that contains a missing or malformed value for specific parameters. An exploit could allow the attacker to crash the device resulting in a DoS condition during a system reboot, the notice states.
More from Cisco Subnet:
The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
Follow Jim Duffy on Twitter