Threat Level: green Handler on Duty: Richard Porter

SANS ISC: InfoSec Handlers Diary Blog - Cisco Security Advisories 20 JUN 2012 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cisco Security Advisories 20 JUN 2012

Published: 2012-06-21
Last Updated: 2012-06-21 03:40:30 UTC
by Russ McRee (Version: 1)
1 comment(s)

Cisco issued three security advisories today, 20 JUN 2012; two are new, one is an update.

  1. NEW: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability
    Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device.
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6
  2. NEW: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
    The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities:
    Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability
    Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability
    Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability
    Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
  3. UPDATED: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability
    A vulnerability exists in Cisco Application Control Engine (ACE) software.  Administrative users may be logged into an unintended context (virtual instance) on the ACE when running in multicontext mode.
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace

Russ McRee | @holisticinfosec

 

1 comment(s)
Diary Archives