Cisco plugs holes in Voice Portal, SSH implementation

                   
zdnet.com     May 21, 2008            

It's Patch Day in the land of Cisco. The network routing and switching giant today released three security bulletins with patches for multiple vulnerabilities affecting the Cisco Voice Portal and the Secure Shell server (SSH) implementation in Cisco IOS. The most serious of the vulnerabilities... [read full story]                

Full Coverage
                   

Three Cisco advisories released today, (Wed, May 21st)

sans.org     May 21, 2008          

by George Bakos (Version: 1) Cisco has released three advisories this week, two that cover DOS vulnerabilities in IOS SSH and the Secure Control Engine (SCE) and one privilege escalation in Cisco Voice Portal (CVP). While the "Exploitation and Public Announcements" portion of all three advisories...                

comments

                   

Cisco Service Control Engine Denial of Service Vulnerabilities

cisco.com     May 21, 2008          

Three Secure Shell (SSH) vulnerabilities exist in the Cisco Service Control Engine (SCE) that may result in system instability or a reload of the SCE. The first vulnerability may be triggered during SSH login activity that is conducted within aggressive time frames. The second vulnerability may...                

comments

                   

Cisco Voice Portal Privilege Escalation Vulnerability

cisco.com     May 21, 2008          

For Public Release 2008 May 21 1600 UTC (GMT) Summary A vulnerability exists in the Cisco Unified Customer Voice Portal (CVP) where an authenticated user can create, modify, or delete a superuser account. This advisory is posted at CVP systems running software release 3.x are not vulnerable. No...                

comments

                   

Cisco IOS Secure Shell Denial of Service Vulnerabilities

cisco.com     May 21, 2008          

For Public Release 2008 May 21 1600 UTC (GMT) Summary The Secure Shell server (SSH) implementation in Cisco IOS contains multiple vulnerabilities that allow unauthenticated users the ability to generate a spurious memory access error or, in certain cases, reload the device. The IOS SSH server is...                

comments

                   

Cisco Releases Three Security Advisories

channelweb.com     May 22, 2008          

By Stefanie Hoffman, ChannelWeb Cisco reported three security advisories this week, addressing vulnerabilities in its Secure Control Engine, IOS Secure Shell Server and the Cisco Unified Customer Voice Portal that could lead to Denial of Service attacks and privilege escalation. Specifically, two...                

comments

                   

Ahead of Rootkit Talk, Cisco Patches Router Flaw

pcworld.com     May 22, 2008          

Robert McMillan, IDG News Service Cisco has issued three security patches, fixing bugs that could crash its products and drawing a warning from the SANS Internet Storm Center. The updates, issued Wednesday, fix denial of service bugs in the SSH (Secure Shell) software in Cisco's Internetwork...                

comments

                   

Ahead of Rootkit Talk, Cisco Patches Router Flaw (PC World)

yahoo.com     May 22, 2008          

Robert McMillan, IDG News Service 47 minutes ago Cisco has issued three security patches, fixing bugs that could crash its products and drawing a warning from the SANS Internet Storm Center. The updates, issued Wednesday, fix denial of service bugs in the SSH (Secure Shell) software in Cisco's...                

comments

                   

Cisco patches router flaw ahead of rootkit talk

infoworld.com     May 22, 2008          

Cisco has issued three security patches, fixing bugs that could crash its products and drawing a warning from the SANS Internet Storm Center.The updates, issued Wednesday, fix denial of service bugs in the SSH (Secure Shell) software in Cisco's Internetwork Operating System (IOS), used to power...                

comments

                   

Ahead of rootkit talk, Cisco patches router flaw

networkworld.com     May 22, 2008          

Cisco has issued three security patches, fixing bugs that could crash its products and drawing a warning from the SANS Internet Storm Center. ... has issued three security patches, fixing bugs that could crash its products and drawing a warning from the SANS Internet...                

comments

                   

Cisco Releases Trio Of Advisories

securitypronews.com     May 22, 2008          

Cisco released three security advisories yesterday, and some onlookers are taking the move as a sign that the company is a little on edge. It seems the patches fall outside Cisco's normal release schedule, and also come right before an important rootkit presentation.Cisco Releases Trio Of...                

comments

1 2 next