Yesterday must have been “National Cisco Security Advisory Day” as they released 11 of them:

Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet
Advisory ID: cisco-sa-20080924-ssl

Cisco Security Advisory: Cisco IOS IPS Denial of Service Vulnerability
Advisory ID: cisco-sa-20080924-iosips

Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software
Advisory ID: cisco-sa-20080924-multicast

Cisco Security Advisory: Cisco IOS NAT Skinny Call Control Protocol Vulnerability
Advisory ID: cisco-sa-20080924-sccp

Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20080924-cucm

Cisco Security Advisory: Cisco uBR10012 Series Devices SNMP Vulnerability
Advisory ID: cisco-sa-20080924-ubr

Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information
Advisory ID: cisco-sa-20080924-vpn

Cisco Security Advisory: Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability
Advisory ID: cisco-sa-20080924-mfi

Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability
Advisory ID: cisco-sa-20080924-ipc

Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability
Advisory ID: cisco-sa-20080924-iosfw

Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
Advisory ID: cisco-sa-20080924-l2tp

About Brian Dennis, CCIE #2210:

Brian Dennis has been in the networking industry for more than 22 years, with a focus on Cisco networking for the past 16 years. Brian achieved his first CCIE in Routing & Switching in 1996, and is currently the only ten year CCIE that holds five CCIE certifications. Prior to working with INE, Brian taught and developed CCIE preparation courses for various well known training organizations. Brian not only brings his years of teaching experience to the classroom, but also years of real world enterprise and service provider experience.

Find all posts by Brian Dennis, CCIE #2210 | Visit Website

You can leave a response, or trackback from your own site.

3 Responses to “Cisco National Security Advisory Day – September 24th”

  1. Patrick says:

    Don’t you mean Global Cisco Security Advisory Day, since the rest of the world also runs Cisco products? ;)

  2. Nick says:

    yeah I saw the above vulnerabilities as well and took immediate action in our network especially for the “MPLS VPN may leak information”. If we really want to convince our customers that MPLS VPNs are equivalent to traditional frame-relay/ATM circuits in terms of security and client separation then such kinds of vulnerabilities must be corrected immediately.

  3. Marc Nelson says:

    Cisco is a very well established brand and they should demand rights to their intellectual property.

    This device was so useful and well-appreciated to people.Cisco is a huge company and their products carry a much larger impact than all of the apple products combined.


Leave a Reply


CCIE Bloggers