Skip to content

Home Early Warning System Advisory
Advisory
Cisco Security Advisories
Thursday, 18 October 2018 17:00

Cisco has released seven(7) High, and eight(8) Medium new security advisories to address vulnerabilities in multiple Cisco products. It is advised to update.

A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI.

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly.

A vulnerability in the Precision Time Protocol (PTP) feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads.

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

 
Secure Shell(SSH) Implementation Library (libssh) Authentication-Bypass Vulnerabilties
Thursday, 18 October 2018 17:00

A vulnerability was reported in the Secure Shell (SSH) implementation library known as Libssh that could allow an attacker to bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password.Users are advised to install the updated versions of Libssh as soon as possible.

 
Linux Security Update Overview (17th October)
Wednesday, 17 October 2018 12:00

The following Linux distributions have released security updates to fix vulnerabilties:
Debian: Security updates for libssh, graphicsmagick, asterisk, spice, moin, otrs2, imagemagick and wireshark.
SUSE: Security updates for binutils, ImageMagick, Linux Kernel, libssh, samba, python, git, libtirpc, axis, and texlive.
Ubuntu: Security updates for paramiko, libssh, ClamAV, MoinMoin, Thunderbird, Net-SNMP, Requests, and Git.
Archlinux: Security updates for thunderbird, chromium, net-snmp, libssh, and wireshark-cli.
Oracle Linux: Security updates for java-1.8.0-openjdk, tomcat, ghostscript, openssl, and Unbreakable Enterprise kernel.

 
Oracle Critical Patch Update (October 2018)
Wednesday, 17 October 2018 10:00

Oracle has released 301 new security fixes to address vulnerabilities of multiple oracle products in October, 2018. It is advised to update.

 
PHP Security Updates
Tuesday, 16 October 2018 12:00

PHP has released security updates for PHP7 (version 7.2.11 and version 7.1.23). Remote attacker may be able to execute arbitrary code on the target system. It is advised to update.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 357
[YOUR IP : 54.162.118.107: 46122] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...