Öryggisveikleikar / Security Advisory

SSL- & WebVPN remote exploit/dos:
1. Crafter HTTPS packet will crash a device.
2. SSLVPN sessions cause a memory leak in the device.

Crafter UDP Packet Vulnerability:
[…] a successful attack will result in a blocked input queue in the inbound interface.

SIP Vulnerability:
[…] exists in the SIP implementation in Cisco IOS that can cause a reload of a Cisco IOS device.

SCP Privilege Excalation Vulnerability:
The server side of the Secure Copy (SCP) implementation in Cisco IOS software
contains a vulnerability that could allow authenticated users with an attached
command-line interface (CLI) view to transfer files to and from a Cisco IOS device
that is configured to be an SCP server, regardless of what users are authorized to
do, per the CLI view configuration.

Leave a Comment