Tech
Cisco drops patches for serious IOS vulnerabilities
Cisco has released a peck of patches to cover multiple security flaws in its flagship Cisco IOS.
In all, the networking vendor released 10 advisories covering Cisco IOS flaws and a separate alert for a vulnerability in the Cisco Unified Communications Manager.
This batch of patches, which covers vulnerabilities in the way Cisco IOS processes SIP, NTP, IKE, IP and H.323 tunnels.
- Cisco IOS Software Object-group Access Control List Bypass Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-acl.shtml
- Cisco IOS Software Authentication Proxy Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-auth-proxy.shtml
- Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-cm.shtml
- Cisco Unified Communications Manager Express Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-cme.shtml
- Cisco IOS Software H.323 Denial of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-h323.shtml
- Cisco IOS Software Zone-Based Policy Firewall Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-ios-fw.shtml
- Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-ipsec.shtml
- Cisco IOS Software Network Time Protocol Packet Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-ntp.shtml
- Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-sip.shtml
- Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-tls.shtml
- Cisco IOS Software Tunnels Vulnerability http://www.cisco.com/warp/public/707/cisco-sa-20090923-tunnels.shtml