Cisco is back, so you can go read up on their new advisories (<--- See!
Last Updated: 2007-08-08 22:19:56 UTC
by Tom Liston (Version: 1)
Here they are:
1: Cisco Security Advisory: Cisco IOS Secure Copy Authorization Bypass
2: Cisco Security Advisory: Cisco IOS Next Hop Resolution Protocol Vulnerability
3: Cisco Security Advisory: Cisco IOS Information Leakage Using IPv6 Routing
4: Cisco Security Advisory: Voice Vulnerabilities in Cisco IOS and Cisco
Unified Communications Manager
IOS has the capability to act as an SCP server (through the addition of the IOS
Secure Copy Server service). There is a flaw in this service that allows any
valid user to access any file on the Cisco device (including device
There is an issue with Cisco's implementation of the Next Hop Resolution
Protocol (NHRP) that could potentially cause a device restart or (possibly)
code execution on the device. The issue affects NHRP running at all layers
(Layer 2, GRE / mGRE, or at the IP layer).
Specially crafted IPv6 packets with a type 0 routing header can cause
information leakage or a crash of the affected IOS or IOS XR devices.
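For issue 3, a filter or sensor has to find the routing header wherever it sits in the IPv6 extension-header chain, not only directly after the fixed header. The following is an added example (not from the Cisco advisory or this diary) that walks the chain of a raw IPv6 packet and flags type 0 routing headers; the function names and sample packets are constructed for illustration and use documentation addresses.

```python
import struct
from ipaddress import IPv6Address

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60  # extension header numbers

def has_rh0(packet: bytes) -> bool:
    """Walk the IPv6 extension-header chain; True if a type 0 routing header is present."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return False                       # not a complete IPv6 fixed header
    next_header, offset = packet[6], 40
    while next_header in (HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS):
        if offset + 8 > len(packet):
            return False                   # truncated chain, nothing more to inspect
        if next_header == ROUTING and packet[offset + 2] == 0:
            return True                    # third byte of a routing header is its type
        if next_header == FRAGMENT:
            frag_offset = struct.unpack_from("!H", packet, offset + 2)[0] >> 3
            if frag_offset:
                return False               # non-first fragment: payload is not a header
            length = 8                     # fragment header has a fixed size
        else:
            length = (packet[offset + 1] + 1) * 8
        next_header, offset = packet[offset], offset + length
    return False

# --- constructed sample packets (documentation addresses, no real traffic) ---
SRC, DST, HOP = (IPv6Address(a).packed for a in ("2001:db8::1", "2001:db8::2", "2001:db8::3"))

def ipv6(next_header: int, payload: bytes) -> bytes:
    """Fixed 40-byte IPv6 header followed by the given payload."""
    return struct.pack("!IHBB", 0x60000000, len(payload), next_header, 64) + SRC + DST + payload

def routing(rtype: int, next_header: int = 59) -> bytes:   # 59 = No Next Header
    """Routing header of the given type carrying one address (24 bytes)."""
    return struct.pack("!BBBBI", next_header, 2, rtype, 1, 0) + HOP

HBH = struct.pack("!BBBB4x", ROUTING, 0, 1, 4)              # hop-by-hop with one PadN option

SAMPLES = {
    "rh0": ipv6(ROUTING, routing(0)),
    "hbh_then_rh0": ipv6(HOP_BY_HOP, HBH + routing(0)),
    "rh2": ipv6(ROUTING, routing(2)),
    "tcp": ipv6(6, b"\x00" * 20),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:14} type 0 routing header: {has_rh0(pkt)}")
```
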
There are issues with voice-related vulnerabilities in multiple protocols
[Session Initiation Protocol (SIP), Media Gateway Control Protocol (MGCP),
Signaling protocols H.323, H.254, Real-time Transport Protocol (RTP), and
Facsimile reception]. These issues affect IOS (if voice services are enabled)
and one (SIP related) is found in Cisco Unified Communications Manager.
1: Not much... user needs a login, but after that, it's pretty much game-over.
2: Layer 2 only... attacker needs to be on the same link
3: Only the IPv6 subsystem crashes... IPv4 appears (from the advisory) to still
4: Uh... not much... patch this 'un now. The others can potentially wait for
testing; this one can't.
If you're doing VoIP stuff w/Cisco hardware, then Issue #4 is a definite
must-do... other than that, prioritizing these is difficult because they all
are very "configuration-centric." Sorry...