Vulnerability Team

1. Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability

Cisco CiscoWorks Common Services is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied data.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.

CiscoWorks Common Services versions prior to 3.0.5, and versions 4.0 and later are not affected.

This issue is tracked by Cisco bug id CSCti41352.

CISCO SECURITY ADVISORY


2. Cisco VPN Concentrator Groupname Enumeration Weakness

Cisco VPN Concentrator is affected by a remote groupname enumeration weakness. This issue is due to a design error that could assist a remote attacker in enumerating groupnames.

Reportedly, once the attacker has verified a groupname they can obtain a password hash from an affected device and carry out bruteforce attacks against the password hash.

A valid groupname and password pair can allow the attacker to complete IKE Phase-1 authentication and carry out man-in-the-middle attacks against other users. This may ultimately allow the attacker to gain unauthorized access to the network.

All Cisco VPN Concentrator 3000 series products running groupname authentication are considered vulnerable to this issue.

This issue is tracked by the following Cisco BUG IDs:

CSCeg00323, CSCsb38075, and CSCsf25725 - for the Cisco VPN 3000 Series Concentrators
CSCei29901 - for the Cisco PIX 500 Series Security Appliances running code version 7.x
CSCei51783 - for the Cisco ASA 5500 Series Adaptive Security Appliances running code version 7.x
CSCsb26495 and CSCsb33172 - for Cisco IOS® software

 Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.

fuente: securityfocus.com