Cisco Blogs

Cisco IOS Security Advisory Bundle – It’s That Time Again

September 28, 2011

Once again it’s time for Cisco’s semi-annual Cisco IOS Software Security Advisory Bundled Publication. Today’s edition of the bundle contains a total of nine IOS-related advisories and one non-IOS advisory for the Cisco Unified Communications Manager (CUCM) family of products. Included in the 10 Security Advisories are a total of 19 Cisco Bug IDs, each one representing an individual vulnerability.

The Cisco IOS Software Security Advisories are summarized as follows:

| Advisory Title | Workaround Available? | AMB Available?* |
|---|---|---|
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities | Yes | Yes |
| Cisco IOS Software IPv6 Denial of Service Vulnerability | No | No |
| Cisco IOS Software Data-Link Switching Vulnerability | Yes | Yes |
| Cisco IOS Software Network Address Translation Vulnerabilities | Yes | No |
| Cisco IOS Software IPv6 over MPLS Vulnerabilities | Yes | No |
| Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities | No | No |
| Cisco IOS IP Service Level Agreement Vulnerability | Yes | Yes |
| Cisco 10000 Series Denial of Service Vulnerability | Yes | No |
| Cisco IOS Software Smart Install Remote Code Execution Vulnerability | Yes | Yes |
| Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerability | Yes | Yes |

*Applied Mitigation Bulletins (AMBs) describe techniques that use inherent Cisco product abilities to detect and mitigate potential exploitation of these vulnerabilities. Visit the Applied Mitigation Bulletin archive on the Cisco SIO portal for a listing of all previously published AMBs.

If you are impacted by any of the vulnerabilities covered in these advisories where workarounds and/or AMBs are not available, it is highly recommended that you upgrade to a fixed version of software as soon as possible.

In order to determine if you are running an affected version of Cisco IOS Software, please visit the Cisco IOS Software Checker. This web-based application enables customers to more efficiently determine whether a given Cisco IOS Software image is exposed to product vulnerabilities that have been disclosed by the Cisco PSIRT.

Individual Security Advisory links, corresponding links to IntelliShield alerts and Applied Mitigation Bulletins, and the respective CVE IDs and CVSS Base Scores are available on the Cisco Event Response page.

It is our hope that the impact of these advisories is minimal; however, for those affected, it is also our hope that you find this Cisco IOS Software Bundle process to be efficient, time effective, and informative. Stay secure, my friends.
