US-CERT: United States Computer Emergency Readiness Team
Technical Cyber Security Alert TA08-087B
Cisco Updates for Multiple Vulnerabilities
Original release date: March 27, 2008Last revised: --
Source: US-CERT
Systems Affected
- Cisco IOS
Overview
Cisco has released Cisco Security Advisory cisco-sa-20080326-bundle to correct multiple vulnerabilities affecting Cisco IOS. Attackers could exploit these vulnerabilities to access sensitive information or cause a denial of service.
I. Description
Cisco Security Advisory cisco-sa-20080326-bundle addresses a number of vulnerabilities affecting Cisco IOS 12.0, 12.1, 12.2, 12.3, and 12.4. Further details are available in the US-CERT Vulnerability Notes Database.
II. Impact
The impacts of these vulnerabilities vary. Potential consequences include disclosure of sensitive information and denial of service.
III. Solution
Upgrade
These vulnerabilities are addressed in Cisco Security Advisory cisco-sa-20080326-bundle.
IV. References
- US-CERT Vulnerability Notes - <http://www.kb.cert.org/vuls/byid?searchview&query=cisco-sa-20080326-bundle>
- Cisco Security Advisory cisco-sa-20080326-bundle - <http://www.cisco.com/warp/public/707/cisco-sa-20080326-bundle.shtml>
- Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability - <http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml>
- Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS - <http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml>
- Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers - <http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml>
- Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720 - < http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml>
- Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak - <http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml>
Feedback can be directed to US-CERT.
Produced 2008 by US-CERT, a government organization. Terms of use
Revision History
March 27, 2008: Initial release
Get Adobe Reader