Cisco security advisory overview
Cisco released today its first combined six-monthly batch of security advisories.
A quick overview might help in prioritizing your actions.
| Advisory | CVEs | Cisco's CVSS 2.0 base score | Impact |
|---|---|---|---|
| PPTP | Multiple vulnerabilities in virtual private dial up network (VPDN) when PPTP is used lead to Denial of Service. | ||
| CVE-2008-1151 CVE-2008-1150 |
7.1 4.3 |
DoS | |
| DLSw | Multiple vulnerabilities in the Data-link Switching (DLSw) feature when processing UDP or IP protocol 91 packets lead to Denial of Service. DLSw is used to carry SNA and NetBIOS over IP. | ||
| CVE-2008-1152 | 7.8 | DoS | |
| IPv4IPv6 | Dual stack (IPv4 and IPv6) routers have a vulnerability when targeted with crafted IPv6 UDP packets in certain conditions | ||
| CVE-2008-1153 | 7.8 | DoS | |
| queue | Certain Catalyst 6500 and Cisco 7600 devices are vulnerable to a DoS attack when configured for OSPF and MPLS VPNs | ||
| CVE-2008-0537 | 7.8 | DoS | |
| mvpn | Cisco's implementation of Multicast Virtual Private Network (MVPN) is vulnerable to extra multicast state creation. [MVPN is to support multicast traffic in a MPLS VPN] |
||
| CVE-2008-1156 | 7.5 | Extra multicast states can be created resulting a.o. in a potential for leaking multicast traffic from one MPLS VPN to another. Note: MPLS VPNs do not use encryption, they only separate the data. |
|
For support and obtaining fixed software, please reference your support contracts, third party support or Cisco's TAC as appropriate.
Cisco provides a CVSS calculator.
--
Swa Frantzen -- Gorilla Security
Keywords: cisco
0 comment(s)
×
![modal content]()
Diary Archives
Comments