11 in all on same day, affecting IOS and Unified Communications Manager
Cisco today released 11 security advisories — nine for IOS and two for Unified Communications Manager. Several deal with denial of service vulnerabilities and others with holes in encrypted packets, authentication proxies, ACLs, firewall policies and Internet key exchanges. Two involve Cisco’s implementation of the SIP protocol.
Cisco has already issued six Applied Mitigation Bulletins for the advisories explaining how to avoid or workaround the vulnerabilities. The five vulnerabilities for which mitigation bulletins have not yet been issued all involve IOS, and include: object group ACL bypass, crafted encryption packet DoS, authentication proxy, zone-based policy firewall and Network Time Protocol packets.
Nonetheless, Cisco says each advisory lists software releases that correct the vulnerabilities.
Cisco says it is not aware of any malicious exploitations of the vulnerabilities. Most were discovered by Cisco during internal testing; others were reported by customers on uncovered during customer support calls.
More from Cisco Subnet:
Win great stuff from Cisco Subnet Like e-mail? Subscribe to the Cisco Alert newsletter. Cisco Subnet RSS feedFollow all Cisco Subnet bloggers on Twitter.
- Cisco Steps Up to Solve a Problem
- Cisco also backs flattening of data center networks
- CCNA Difficulties, Part VI (and last): Simlets
- Vendor Math
- Cisco-Juniper battle for carrier business continues neck-and-neck
- 10 in IPv6 Does Not Equal 10 in IPv4
- Cisco outlines LTE strategy
- HP fortifies switch lineup for battle with Cisco
Like RSS readers? Subscribe to the
Follow Jim Duffy on Twitter




