Cisco has patched a denial-of-service vulnerability in its ASR 1000 line of routers, a bug that’s caused by an issue with the way the routers handle some fragmented packets. The company said the DoS vulnerability affects all of the ASR 1000 Series Aggregation Services Routers that are running a vulnerable version of the IOS XE […]
Tag Archives: Cisco
Cisco UCDM Platform Ships With Default, Static Password
A week after admitting that several of its security appliances ship with static SSH keys, Cisco warned customers on Wednesday that its Unified Communications Domain Manager platform has a default, static password for an account that carries root privileges. The vulnerability affects versions of the software prior to 4.4.5 and the company said there are no […]
Patched Apple QuickTime Vulnerability Details Disclosed
Researchers at Cisco Talos released details on a use-after-free vulnerability in Apple QuickTime that could lead to remote code execution.
OpenDNS Acquisition Gives Cisco Big Security Data
Cisco announced today its intent to acquire big data security company OpenDNS for $635 million in cash.
Threatpost News Wrap, June 26, 2015
Dennis Fisher and Mike Mimoso talk about the Cisco default SSH keys, more details of the OPM data breach, the Adobe 0-day and why we never hear about bad APT groups, only the really good ones.
Cisco warns of default SSH key in several products
Cisco security engineers have disclosed that there is a single default ‘maintenance’ SSH key hardcoded into several families of Cisco security appliances.
The post Cisco warns of default SSH key in several products appeared first on We Live Security.
Cisco SSH Key Flaw Has Echoes of Earlier Vulnerabilities
When Cisco released a patch for several of its security appliances Thursday that eliminated the presence of hard-coded SSH host and private keys, the advisory had a distinct air of familiarity about it. That’s because the company released a patch for the same problem in one of its other major products almost exactly one year ago.
Default SSH Key Found in Many Cisco Security Appliances
Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. The company said that all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability. This bug is […]
Cisco Patches IPv6 Vulnerability in Carrier-Grade Router System
Cisco patched a denial of service vulnerability in its IOS XR software used in carrier-grade routers.
Cisco Patches Flaws in TelePresence
Cisco patched command injection, authentication bypass, and denial of service vulnerabilities in a number of its TelePresence products.