CastleCops, Internet Crime Fighters

Cisco advisories/updates

 
AplusWebMaster



Joined: Mar 14, 2004
Posts: 4840
Location: USA

Posted: Tue Jun 10, 2008 8:37 pm    Post subject: Cisco advisories/updates

FYI...

SNMP v3 authentication vuln
- http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml#summary
2008 June 10 - "...Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available.."



_________________
AplusWebMaster
~ Are you up to date or vulnerable to Hackers? ...or both?
AplusWebMaster


Posted: Thu Jun 19, 2008 9:54 am

FYI...

Cisco IPS vuln - update available
- http://isc.sans.org/diary.html?storyid=4591
Last Updated: 2008-06-18 17:57:48 UTC - "Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames... Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability. This advisory is posted here*."
* http://www.cisco.com/warp/public/707/cisco-sa-20080618-ips.shtml#summary
2008 June 18 - "...vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation... Cisco IPS versions are affected:
* Cisco Intrusion Prevention System version 5.x prior to 5.1(8)E2
* Cisco Intrusion Prevention System version 6.x prior to 6.0(5)E2 ..."

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2060

AplusWebMaster


Posted: Thu Jul 03, 2008 10:35 am

FYI...

Multiple Cisco Products DoS vuln
- http://atlas.arbor.net/briefs/index#-673272965
Severity: Elevated Severity - July 02, 2008 - "Multiple vulnerabilities in Cisco products have been found, which can be exploited to crash the application or cause a DoS because of a vulnerability in a third party cryptographic library. Fixes are available. No known exploits are available.
Analysis: The issue occurs when parsing a crafted Abstract Syntax Notation One (ASN.1) object. In certain cases, an attacker can trigger this vulnerability without a valid certificate or authentication. The vulnerable products are Cisco IOS, Cisco IOS XR, Cisco PIX and ASA Security Appliances, Cisco Firewall Service Module (FWSM) and Cisco Unified CallManager.
Source: Vulnerability In Crypto Library:
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809bb300.shtml

AplusWebMaster


Posted: Thu Jul 10, 2008 4:51 am

FYI...

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
- http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml#details
2008 July 08 - "...The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:
* Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854 (registered customers only).
* Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298 (registered customers only).
* Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930 (registered customers only).
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447..."

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447

//


AplusWebMaster


Posted: Mon Aug 25, 2008 11:50 am    Post subject: Cisco WebEx Meeting Mgr...

FYI...

WebEx Meeting Mgr...
- http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml
Last Updated 2008 August 15 - "...A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine...
The WebEx Meeting Manager downloads several components to meeting participants before they join a WebEx meeting. The vulnerability in this Security Advisory affects the atucfobj.dll library..."

- http://www.kb.cert.org/vuls/id/661827
08/15/2008 - "...Solution: The Cisco Security Advisory indicates that WebEx meeting participants will automatically receive a fixed version of atucfobj.dll when they join a meeting on a server with fixed software. Version 26.49.9.2838 is the first fixed version for WBS 26 users..."

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3558
Last revised: 8/11/2008

- https://forums.symantec.com/syment/blog/article?message.uid=345462
08-22-2008 07:08 PM - "On August 20, our honeypots began to receive attacks against the Cisco WebEx Meeting Manager vulnerability. This August 6 vulnerability exists in the ActiveX control used by WebEx to permit users to participate in meetings via Internet Explorer. Users running the vulnerable version of the Webex control who happened upon a Web site distributing the exploit would become infected. The first exploits that we have seen so far have been served via gaming sites that have had the exploit package injected on to them. While WebEx will automatically patch each user when they join a meeting hosted on a patched server, this vulnerability is only two weeks old. Many vulnerable users may have been on holidays, making it reasonably likely that some users will become infected by visiting day-to-day Web sites before their next WebEx meeting..."

AplusWebMaster


Posted: Thu Sep 04, 2008 8:55 pm

FYI...

Cisco ASA and PIX multiple vulns
- http://secunia.com/advisories/31730/
Release Date: 2008-09-04
Critical: Moderately critical
Impact: Exposure of sensitive information, DoS
Where: From remote
Solution Status: Vendor Patch
OS: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco PIX 7.x, Cisco PIX 8.x
...The vulnerability is reported in Cisco ASA devices running software versions 8.0 or 8.1 with clientless VPNs enabled. Cisco ASA devices that run software versions 7.0, 7.1, or 7.2 are not affected.
Solution: Update to fixed versions (please see the vendor's advisory for details)...
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20080903-asa.shtml

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2732
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2733
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2734
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2735
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2736

//

Cisco Secure ACS EAP DoS
- http://secunia.com/advisories/31731/
Release Date: 2008-09-04
Critical: Less critical
Impact: DoS
Where: From local network
Solution Status: Vendor Patch
OS: Cisco Secure ACS Solution Engine 3.x, Cisco Secure ACS Solution Engine 4.x ...
Solution: Apply patches. Please see the vendor advisory for details...
Original Advisory: Cisco:
http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2441
