Cisco Security Advisories 20 JUN 2012

Published: 2012-06-21
Last Updated: 2012-06-21 03:40:30 UTC
by Russ McRee (Version: 1)
1 comment(s)

Cisco issued three security advisories today, 20 JUN 2012; two are new, one is an update.

  1. NEW: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability
    Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device.
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6
  2. NEW: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
    The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities:
    Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability
    Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability
    Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability
    Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
  3. UPDATED: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability
    A vulnerability exists in Cisco Application Control Engine (ACE) software.  Administrative users may be logged into an unintended context (virtual instance) on the ACE when running in multicontext mode.
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace

Russ McRee | @holisticinfosec

 

1 comment(s)

Comments

My co-worker Rutger pointed out that the advisory states: "any system which trusts Cisco's signing certificate chain may be impacted, even if Cisco AnyConnect Secure Mobility Client has never been installed on the system."

So it is wise to implement the suggested workarounds which consists of killbits for the ActiveX controls and blacklisting the SHA-1 hashes of the vulnerable .jar files.

Diary Archives