Cisco unleashes a dozen security updates
By Cisco Subnet on Thu, 02/26/09 - 6:39pm.
Cisco released a slew of security advisories on Wednesday and Thursday. These affect Cisco IOS/BGP, Cisco Application Networking Manager, Unified MeetingPlace Web Conferencing Server and Application Control Engine.
Here are Cisco's descriptions of these vulnerbilities:
* IntelliShield ID 17640: Cisco Unified MeetingPlace Persistent Cross-Site Scripting Vulnerability -- Cisco Unified MeetingPlace versions prior to 6.0(517.0) and prior to 7.0(2) contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary script code in a user's browser session. The vulnerability is due to an error by the web server. An authenticated, remote attacker could exploit this vulnerability by inserting malicious HTML and script code into the attacker's own MeetingPlace account. This action could allow the attacker to execute the malicious code in the browser session of any user who views the attacker's account details.
* IntelliShield ID 17648: Cisco Unified MeetingPlace Web Conferencing Server Authentication Bypass Vulnerability -- Cisco Unified MeetingPlace versions 6.0 and 7.0 contain a vulnerability that could allow an unauthenticated, remote attacker to bypass authentication and access to the application. The vulnerability exists because the Web Conferencing Server does not properly validate authentication credentials. An attacker could exploit the vulnerability to bypass authentication and access the Unified MeetingPlace application. An exploit could allow the attacker to change configuration settings in the application with administrative privileges.
* IntelliShield alert 17657 (and the older IntelliShield ID 17670 from Feb. 23): Cisco IOS Software Border Gateway Protocol Processing Autonomous System Prepending -- Due to a bug in Cisco IOS Software (CSCsx73770), an error may occur if a Cisco IOS device attempts to send a BGP update message that contains a route with an AS path length greater than 255 to a BGP neighbor.
* IntelliShield ID 17639: Cisco Application Networking Manager Java Agent Privilege Escalation Vulnerability -- Cisco Application Networking Manager (ANM) versions prior to 2.0 Update A contain a vulnerability that could allow an unauthenticated, remote attacker to perform actions with elevated privileges. The vulnerability exists due to an error in the implementation of the Java agent. An unauthenticated, remote attacker could exploit this vulnerability to gain unauthorized access to the Cisco ANM interface. The attacker could leverage this access to view configuration files and modify Cisco ANM processes. By terminating processes, the attacker could cause a denial of service (DoS) condition.
* IntelliShield ID 17637: Cisco Application Networking Manager Default Credential Vulnerability -- Cisco Application Networking Manager (ANM) versions prior to 2.0 contain a vulnerability that could allow an unauthenticated, remote attacker to bypass authentication. The vulnerability exists because ANM fails to force administrators to change authentication credentials during installation. An attacker with knowledge of the credentials could gain unauthorized access to the targeted system, then leverage the access to take complete control of the targeted system.
* IntelliShield ID 17636: Cisco Application Control Engine Device Manager and Application Networking Manager Directory Traversal Vulnerability -- Cisco Application Control Engine Device Manager (ACE) and Application Networking Manager (ANM) contain a directory traversal vulnerability that could allow an authenticated, remote attacker to view and modify arbitrary files. The vulnerability is due to an error when Cisco ACE and Cisco ANM process malicious requests. An authenticated, remote attacker could exploit this vulnerability by using directory traversal characters in a crafted request. An exploit could allow the attacker to conduct directory traversal attacks and view or modify arbitrary files on the targeted system.
* IntelliShield ID 17642: Cisco Application Control Engine Appliance Device Manager Default Credentials Vulnerability --
Cisco Application Control Engine (ACE) Appliance software versions prior to A1(8a) contain a vulnerability that could allow an unauthenticated, remote attacker to gain unauthorized access to the targeted system. The vulnerability is due to the presence of default credentials in the Device Manager. An attacker with knowledge of these default credentials could gain unauthorized access to the targeted system. The attacker could then leverage this access to take complete control the system. Functional exploit code exists for this vulnerability.
* IntelliShield ID 17641: Cisco Application Control Engine Appliance and Application Control Engine Module Default Credential Vulnerability -- Cisco Application Control Engine (ACE) Appliance and Module contain a vulnerability that could allow an unauthenticated, remote attacker to gain unauthorized access to the system. The vulnerability exists due to a failure to change default account credentials. An attacker with knowledge of the credentials could gain unauthorized access to the targeted system to modify the configuration of the application, or leverage access to take complete control of the targeted device.
* IntelliShield ID 17645: Cisco Application Control Engine Module and Appliance Processing SNMPv2 Packet Denial of Service Vulnerability -- Cisco Application Control Engine Module and Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error in the Application Control Engine (ACE) Module and Appliance when handling malformed packets. An attacker could exploit the vulnerability by sending a malicious SNMPv2 packet to the device. If successful, the device may reload, resulting in a DoS condition.
* IntelliShield ID 17644: Cisco Application Control Engine Module and Appliance Processing SSH Packet Denial of Service Vulnerability -- Cisco Application Control Engine (ACE) Module and Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error in the ACE Module and Appliance when handling malformed packets. An unauthenticated, remote attacker could exploit this vulnerability by sending a malicious SSH packet to the device. If successful, the device may reload, resulting in a DoS condition.
* IntelliShield ID 17646: Cisco Application Control Engine Module and Appliance Processing SNMPv3 Packet Denial of Service Vulnerability -- Cisco Application Control Engine Module and Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error in the Application Control Engine (ACE) Module and Appliance when handling malformed packets. An attacker could exploit the vulnerability by sending a malicious Simple Network Management Protocol version 3 (SNMPv3) packet to the device. If successful, the device may reload, resulting in a DoS condition.
IntelliShield ID 17643: Cisco Application Control Engine Module and Application Control Engine Appliance Privilege Escalation Vulnerability -- Cisco Application Control Engine (ACE) Appliance and ACE Module contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands with elevated privileges. The vulnerability is due to insufficient access restrictions enforced by the command-line interface. An authenticated, remote attacker could exploit this vulnerability to gain access to execute arbitrary administrative commands with elevated privileges via the command-line interface. The attacker could leverage these privileges to take complete control of the target system.
For more information on these and other vulnerabilities, check out the Cisco Security Center.
More from Cisco Subnet:
Brocade posts $26 million quarterly loss, record revenues
New CCIE count: Beginning roots of a new tech boom?
OSPF Puzzle VI: Interpreting show ip ospf
IT in 2109: Quantum Entanglement, Mini Black Holes and Nanotech: Part 1
Vyatta beats out Cisco, Juniper for New Mexico win
Details of "Project California" revealed
Largest coordinated ATM Rip-off ever nets $9+ million in 30 minutes
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, training/book giveaways, and more. Follow Cisco Subnet on Twitter.
- About Cisco Subnet Blog
The Cisco Subnet blog is written by Network World managing editor Jim Duffy and is the official blog of Network World's Cisco Subnet community. The Cisco Subnet site is managed by Online Community Editor Julie Bort. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
- Archives
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- On The Web
Twitter
Sponsored Links
- VTI puts Windows & Novell interoperability to work- Novell Microsoft
- Educational Wi-Fi Reference Poster Program to help get you up to speed on Wi-Fi Standards, including 802.11n- Xirrus
- Driving Operational Efficiency in the Datacenter- Microsoft
- FREE Encryption Tool - Encrypt and share your confidential files easily- Sophos
- Microsoft Open Specifications - Fostering innovation, interoperability and vibrant developer communities – Learn more- Microsoft
- Learn the advantages of web app acceleration with Akamai- Akamai
- Compuware can help you optimize application performance. Find out how. - Compuware
- Linux and Unix in Your Environment? Don’t Leave Security to Chance- Quest Software
- Securing Virtualized Data Centers - eBook - Trend Micro
- Efficiency goes up. Costs come down.- Microsoft
-
Network World, Inc
The Leader in Network Knowledge
Cisco is the Microsoft of
Cisco is the Microsoft of networking when it comes to poorly written code leading to endless vulnerabilities. This is a result of a flawed business and development model and lack of standards that will repeat itself over and over unless the whole system is overhauled.
Chambers totally on the wrong track
There once was a time when Chambers ran the company and quality and customer satisfaction with quality was the higest priority from the top down. Now he thinks everyone should be able to make decisions which means total chaos with everyone rushing to get their product to market and new and more products are more important than quality. Twitter and Iphones are fun toys but not the way to run a multibillion dollar company. They need to stop worrying about appearing cool and become a quality networking company again. Second Life is for the unemployed not networking professionals.
Post new comment