ID: 3689
Date: 25/09/2008
Title: 3689 - Cisco Security Advisory: IOS Advisory bundled publication - Twelve Security Advisories
Platform level affected:Operating System
Hardware components affected:Network Router/Switch/Modem
Specific operating systems components affected: Cisco IOS
Net-enabled software: Other
Security software:Other
Other software: Other
Remediation Summary:Update your copy of the software with the download available from the supplier.
Vendors affected:Cisco
Applications affected:Cisco IOS, Cisco Unified Communications Manager
Adversity source: Unknown
Attack Vector: Vulnerability exploitation
Virulence: Unknown
Warning Status: Active
Potential Damage: Network DOS
Possible Duration: Open Ended
Availability of fix: Available
Type of fix: Patch
Source: Cisco
Reliability of source: Trusted
Source URL: http://www.cisco.com/warp/public/707/cisco-sa-20080924-bundle.shtml
CVE: CVE-2008-2739, CVE-2008-3798, CVE-2008-3799, CVE-2008-3800, CVE-2008-3801, CVE-2008-3803, CVE-2008-3805, CVE-2008-3804, CVE-2008-3807, CVE-2008-3810, CVE-2008-3811, CVE-2008-3808, CVE-2008-3809, CVE-2008-3812, CVE-2008-3813
Abstract: The September 24, 2008 IOS Advisory bundled publication includes twelve Security Advisories. Eleven of the advisories address vulnerabilities in Cisco's IOS software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each Advisory lists the releases that correct the vulnerability described in the Advisory. Please reference the following software table to find a release that fixes all published IOS software Advisories as of September 24th, 2008.
http://www.cisco.com/warp/public/707/cisco-sa-20080924-iosips.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-vpn.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ipc.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-mfi.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-ubr.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-sccp.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-multicast.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-iosfw.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080924-l2tp.shtml
This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.
The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.
CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.
Thu, 25 Sep 2008 10:00:00 GMT
Domain affected: Technical