Cisco Releases IOS Bundle of Vulnerabilities :SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc(情報元のブックマーク数)
Ciscoから多数のセキュリティアドバイザリが出ています。
Cisco has officially released a "bundle" of vulnerability notices for their IOS software. The issues related to these notifcations are varied and relate to TCP, UDP, Mobile and VPN vulnerabilities. We are reviewing them now and thought you may want to do the same.
InfoSec Handlers Diary Blog - Cisco Releases IOS Bundle of Vulnerabilities
- Cisco IOS cTCP DoS Vulnerability
- Cisco IOS Multiple Features IP Sockets Vulnerability
- Cisco IOS Mobile IP and Mobile IPv6 Vulnerabilities
- Cisco IOS Secure Copy Privilege Escalation Vulnerability
- Cisco IOS Session Initiation Protocol DoS Vulnerability
- Cisco IOS Multiple Features Crafted TCP Sequence Vulnerability
- Cisco IOS Multiple Features Crafted UDP Packet Vulnerability
- Cisco IOS WebVPN and SSLVPN Vulnerabilities
- Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability
- Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability
- Cisco IOS Software Multiple Features IP Sockets Vulnerability
- Cisco IOS Software WebVPN and SSLVPN Vulnerabilities
- Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities
- Cisco IOS Software Secure Copy Privilege Escalation Vulnerability
- Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
- Cisco IOS cTCP Denial of Service Vulnerability
US-CERTも回避策かアップデートを適用した方が良いよって言っています。
US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary workarounds or updates to help mitigate the risks.
http://www.us-cert.gov/current/index.html#cisco_releases_multiple_security_advisory
