Text only | Text with Images

Networking-Forums.com

Professional Discussions => Security => Topic started by: icecream-guy on March 25, 2015, 02:38:02 PM

Title: Happy Bi-Annual Cisco Security Advisory Release Day
Post by: icecream-guy on March 25, 2015, 02:38:02 PM
Best one is the Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability
where _every_ device running Cisco IOS or Cisco XE, that has a service listening on a TCP port, is vulnerable to a memory leak that can  cause an attacker to cause reboot of said device.

so far 7 advisories, but nothing as fun, although the Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities is pretty cool if you have lots of VPN's terminated on Cisco devices.
Title: Re: Happy Bi-Annual Cisco Security Advisory Release Day
Post by: deanwebb on March 25, 2015, 04:17:39 PM
IKEv2 vulnerability? That's going to be very funny, except for the VPN engineers.

I'm not one, so...

:lol:
Title: Re: Happy Bi-Annual Cisco Security Advisory Release Day
Post by: SimonV on March 25, 2015, 04:47:34 PM
I'll pretend I didn't read this thread  :-X
Title: Re: Happy Bi-Annual Cisco Security Advisory Release Day
Post by: Reggle on March 26, 2015, 04:20:10 AM
The IKEv2 is worse than the TCP memory leak for me. Generally I don't have services open towards the internet from a Cisco device. IKEv2 however...
Title: Re: Happy Bi-Annual Cisco Security Advisory Release Day
Post by: icecream-guy on March 26, 2015, 07:08:09 AM
Quote from: Reggle on March 26, 2015, 04:20:10 AM
The IKEv2 is worse than the TCP memory leak for me. Generally I don't have services open towards the internet from a Cisco device. IKEv2 however...

don't discount the internal threats.....
Text only | Text with Images