Cisco Security Advisories 20 JUN 2012
Cisco issued three security advisories today, 20 JUN 2012; two are new, one is an update.
- NEW: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability
Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco Catalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6 - NEW: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities:
Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability
Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability
Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability
Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader Arbitrary Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
- UPDATED: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability
A vulnerability exists in Cisco Application Control Engine (ACE) software. Administrative users may be logged into an unintended context (virtual instance) on the ACE when running in multicontext mode.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ace
Keywords: CISCO Security Advisory
1 comment(s)
×
Diary Archives
Comments
So it is wise to implement the suggested workarounds which consists of killbits for the ActiveX controls and blacklisting the SHA-1 hashes of the vulnerable .jar files.
Seccubus
Jun 26th 2012
1 decade ago