Cisco Releases Security Alerts

URL : http://www.us-cert.gov/current/index.html#cisco_releases_security_alerts

added September 24, 2008 at 02:42 pm

Cisco has released multiple security alerts to address vulnerabilities in the Unified Communications Manager and IOS. These vulnerabilities may allow a remote unauthenticated attacker to cause a denial-of-service condition, obtain sensitive information, or operate with escalated privileges.

US-CERT encourages users and administrators to review the following Cisco Alerts and apply any necessary updates to help mitigate the risks.

• Cisco Unified Communications Manager Session Initiation Protocol Message Reload Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16667)
  
• Cisco IOS Software L2TP Packet Handling Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16650)
  
• Cisco IOS Multiprotocol Label Switching Virtual Private Network Information Disclosure Issue (http://tools.cisco.com/security/center/viewAlert.x?alertId=16669)
  
• Cisco IOS Linecard Redundancy Unauthorized Access Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16669)
  
• Cisco IOS Software Session Initiation Message Memory Leak Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16651)
  
• Cisco IOS Skinny Call Control Protocol Fragmented Message Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16670)
  
• Cisco IOS IPS Feature SERVICE.DNS Signature Engine Network Traffic Handling Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16656)
  
• Cisco IOS IPC Message Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16646)
  
• Cisco IOS Multi Protocol Label Switching Forwarding Infrastructure Denial of Service Vulnerability (http://tools.cisco.com/security/center/viewAlert.x?alertId=16635)