Cisco Plugs Product Holes
Tuesday, September 6, 2016 @ 01:09 PM gHale
Cisco updated a series of products to fix critical vulnerabilities.
The first of the vulnerabilities were two holes in Cisco’s WebEx Meetings Player.
The more serious of the flaws (CVE-2016-1464), rated critical, which could grant an unauthenticated attacker the ability to remotely execute arbitrary code by convincing a victim to open a file with vulnerable software.
Another vulnerability found by Francis Provencher, security researcher and founder of the Canadian government agency COSIG, classified as medium, could allow an unauthenticated attacker to remotely crash the WebEx Meetings Player by getting the victim to open a malicious file.
Both vulnerabilities found by Provencher affect Cisco WebEx Meetings Player version T29.10 for WRF files. Cisco released updates to address the bugs, but no workarounds are available.
Cisco also published advisories describing five different vulnerabilities affecting Small Business series switches and IP phones. Four of the issues came to Cisco from Nicolas Collignon and Renaud Dubourguais of Synacktiv, and one by security researcher Chris Watts.
They discovered Cisco Small Business 220 Series Smart Plus (Sx220) switches suffer from a flaw that allows a remote, unauthenticated attacker to gain access to Simple Network Management Protocol (SNMP) objects on vulnerable devices. The security hole (CVE-2016-1473), classified as “critical” is the result of a default SNMP community string that cannot end up removed.
Another advisory (CVE-2016-1469) details a high severity denial-of-service (DoS) vulnerability affecting Small Business IP phones: SPA300, SPA500 and SPA51x models.
Due to incorrect handling of malformed HTTP traffic, the phones can enter a DoS condition if a remote attacker sends them specially crafted requests.
Cisco also released patches for three medium severity cross-site request forgery (CSRF), cross-site scripting (XSS) and DoS vulnerabilities affecting Small Business 220 Series Smart Plus (Sx220) switches.
Leave a Reply
You must be logged in to post a comment.