In association with heise online

04 October 2011, 15:00

Cisco patch day closes critical vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco Logo

Cisco has published ten security advisories as part of its bi-annual patch day. The advisories resolve a number of security vulnerabilities. The most serious vulnerability (CVSS 10) to have been addressed was in Catalyst switches running the company's IOS network operating system software. A bug in the Smart Install remote maintenance feature allowed remote attackers to execute arbitrary code on affected switches.

The other advisories fix denial-of-service (DoS) vulnerabilities in iOS, Unified Communications Manager and 1000 series routers. Cisco has released updates which fix these vulnerabilities; workarounds exist for some of the problems. As promised, Cisco has also fixed the backdoor vulnerability in its Identity Services Engine identity management software.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit