Cisco Unified Communications Manager Denial of Service Vulnerabilities Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities.
SNMP Version 3 Authentication Vulnerabilities Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability This Cisco Security Notice is being released in response to the Cisco VPN Concentrator Group Name Enumeration Vulnerability advisory published on June 20, 2005 by NTA Monitor at http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htm.
Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass This document is provided to simplify access to Cisco responses to possible product security vulnerability issues posted in public forums for Cisco customers. This does not imply that Cisco perceives each of these issues as an actual product security vulnerability. This notice is provided on an "as is" basis and does not imply any kind of guarantee or warranty. Your use of the information on the page or materials linked from this page are at your own risk. Cisco reserves the right to change or update this page without notice at any time.
...
CSS SSL Authentication Bypass The Cisco CSS 11500 Series Content Services Switches (CSS) running Secure Socket Layer (SSL) has a vulnerability that may allow a user to bypass SSL authentication and access protected content. Cisco has made free software available to address this vulnerability.
...
ZOTOB and WORM_RBOT.CBQ Mitigation Recommendations Cisco customers are currently experiencing attacks due to new worms and bots that are active on the Internet. The signature of these worms and bots appears as TCP traffic to port 445 as well as traffic to several secondary TCP ports depending on the variant of the worm. Affected customers have been experiencing high volumes of traffic from both internal and external systems. Symptoms on Cisco devices include, but are not limited to, high CPU and traffic drops on the input interfaces. This document focuses on both mitigation techniques and affected Cisco products that need software supplied by Cisco to patch properly.
