Security Professionals - ipfw add deny all from eindgebruikers to any

cisco firewalls remote code

10-10-2012, 23:32 door Bitwiper, 0 reacties
(1) Remote code exec in Cisco ASA 5500 en Catalyst 6500 ASA Services Module
Advisory ID: cisco-sa-20121010-asa

Naast DoS aanvalsmogelijkheden: DCERPC Inspection Buffer Overflow Vulnerability: Exploitation of the DCERPC Inspection Buffer Overflow Vulnerability could additionally cause a stack overflow and possibly the execution of arbitrary commands.

Devices: Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
Bron: http://lists.grok.org.uk/pipermail/full-disclosure/2012-October/088577.html

(2) Remote code exec in Cisco Firewall Services Module (voor 6500/7600 series)
Advisory ID: cisco-sa-20121010-fwsm

Naast DoS aanvalsmogelijkheden: DCERPC Inspection Buffer Overflow Vulnerability (ingekort): Exploitation could allow an unauthenticated, remote attacker to execute arbitrary commands.

Devices: Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
Bron: http://lists.grok.org.uk/pipermail/full-disclosure/2012-October/088578.html
Nog geen reacties
Reageren

Deze posting is gelocked. Reageren is niet meer mogelijk.