Information Security all in one place!

Posts tagged “Denial-of-service attack

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability


 

The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets.

The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload.

Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat

 

 

Advertisements

Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability


 

 

Cisco IOS Software contains a vulnerability in the Smart Install feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if the Smart Install feature is enabled. The vulnerability is triggered when an affected device processes a malformed Smart Install message on TCP port 4786.

Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall

 

 


Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability


Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an
unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition.

A workaround is available to mitigate this vulnerability.

Cisco has released free software updates that address this
vulnerability. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-rsvp


CA ARCServe: DoS Vulnerability


CA ARCserve

CA Technologies is warning that some versions of CA ARCserve Backup for Windows contain a security vulnerability (CVE-2012-1662) that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition to disable network services. According to the company, the bug occurs due to insufficient validation of certain types of network requests.

Versions r12.0, r12.0 SP1, r12.0 SP2, r12.5, r12.5 SP1, r15, r15 SP1 and r16 are affected. CA ARCserve Backup for Windows r12.5 SP2 and r16 SP1 are not vulnerable. Fixes have been released to close the hole.

Further information about the problem, including instructions on how to determine if an installation is affected and download links to patches, can be found in the company’s security advisory.

 

More can be found here from the vendor: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B983E3A52-8374-410A-82BD-B8788733C70F%7D


Cisco: Multiple Vulnerabilities; ASA 5500, Catalyst 6500


Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities:

  • Cisco ASA UDP Inspection Engine Denial of Service Vulnerability
  • Cisco ASA Threat Detection Denial of Service Vulnerability
  • Cisco ASA Syslog Message 305006 Denial of Service Vulnerability
  • Protocol Independent Multicast Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.English: A candidate icon for Portal:Computer ...

Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa

Note: The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) may be affected by some of the vulnerabilities above.
A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm


Anonymous: Tricked Members Infected by Trojan DDOS Utility


The enemy of my enemy is my friend, right?

Victims of the various cyber-attacks by members of the hacktivist group Anonymous are undoubtedly enjoying a bit of schadenfreude this weekend, as a new report from Symantec indicates that some Anonymous members have been tricked into downloading and running a fairly unpleasant Trojan alongside one of their distributed denial-of-service tools.

“In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous,” Symantec writes.

Image representing Symantec as depicted in Cru...

“In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users’ online banking credentials, webmail credentials, and cookies.”

The Trojan problem’s a fairly recent occurrence, as it allegedly popped up the day after Anonymous members launched online counter-offensives in retaliation for the loss of the site Megaupload (and the international arrest of its key management). An anonymous user changed a download link on January 20 within one of the Pastebin-based “How to use Slowloris” tutorials, one of Anonymous’ DOS utilities, and pointed it to a Zeus botnet client instead.

 

 

 

 

 

 

 

 

 

 

Read More Here: http://www.pcmag.com/article2/0,2817,2401121,00.asp


Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers


Cisco WLCs and Cisco WiSMs are responsible for system-wide wireless
LAN functions, such as security policies, intrusion prevention, RF
management, quality of service (QoS), and mobility.

These devices communicate with controller-based access points over any Layer 2 (Ethernet) or Layer 3 (IP) infrastructure using the Lightweight Access Point Protocol (LWAPP) and the Control and Provisioning of Wireless Access Points (CAPWAP) protocol.

The Cisco Wireless LAN Controller (WLC) product family is affected by
the following vulnerabilities:

* Cisco Wireless LAN Controllers HTTP Denial of Service Vulnerability
* Cisco Wireless LAN Controllers IPv6 Denial of Service Vulnerability
* Cisco Wireless LAN Controllers WebAuth Denial of Service Vulnerability
* Cisco Wireless LAN Controllers Unauthorized Access Vulnerability

Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc

Affected Products

The Cisco WLC product family is affected by multiple vulnerabilities. Affected versions of Cisco ASA Software vary depending on the specific vulnerability.

Vulnerable Products

Each of the following products is affected by at least one of the vulnerabilities covered in this Security Advisory:

* Cisco 2000 Series WLC
* Cisco 2100 Series WLC
* Cisco 2500 Series WLC
* Cisco 4100 Series WLC
* Cisco 4400 Series WLC
* Cisco 5500 Series WLC
* Cisco 500 Series Wireless Express Mobility Controllers
* Cisco Wireless Services Modules (WiSM)
* Cisco Wireless Services Modules version 2 (WiSM version 2)
* Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)
* Cisco Catalyst 3750G Integrated WLCs
* Cisco Flex 7500 Series Cloud Controllers

Measures to mitigate these risks can be found here: http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120229-wlc