Cisco Plugs Product Holes

Tuesday, September 6, 2016 @ 01:09 PM gHale


Cisco updated a series of products to fix critical vulnerabilities.

The first of the vulnerabilities were two holes in Cisco’s WebEx Meetings Player.

RELATED STORIES
Cisco Fixes Zero Day, Other Vulnerabilities
Cisco Fixes Critical Flaws in Routers
Cisco Mitigates Vulnerabilities
Cisco Fixes Network Analysis Modules

The more serious of the flaws (CVE-2016-1464), rated critical, which could grant an unauthenticated attacker the ability to remotely execute arbitrary code by convincing a victim to open a file with vulnerable software.

Another vulnerability found by Francis Provencher, security researcher and founder of the Canadian government agency COSIG, classified as medium, could allow an unauthenticated attacker to remotely crash the WebEx Meetings Player by getting the victim to open a malicious file.

Both vulnerabilities found by Provencher affect Cisco WebEx Meetings Player version T29.10 for WRF files. Cisco released updates to address the bugs, but no workarounds are available.

Cisco also published advisories describing five different vulnerabilities affecting Small Business series switches and IP phones. Four of the issues came to Cisco from Nicolas Collignon and Renaud Dubourguais of Synacktiv, and one by security researcher Chris Watts.

They discovered Cisco Small Business 220 Series Smart Plus (Sx220) switches suffer from a flaw that allows a remote, unauthenticated attacker to gain access to Simple Network Management Protocol (SNMP) objects on vulnerable devices. The security hole (CVE-2016-1473), classified as “critical” is the result of a default SNMP community string that cannot end up removed.

Another advisory (CVE-2016-1469) details a high severity denial-of-service (DoS) vulnerability affecting Small Business IP phones: SPA300, SPA500 and SPA51x models.

Due to incorrect handling of malformed HTTP traffic, the phones can enter a DoS condition if a remote attacker sends them specially crafted requests.

Cisco also released patches for three medium severity cross-site request forgery (CSRF), cross-site scripting (XSS) and DoS vulnerabilities affecting Small Business 220 Series Smart Plus (Sx220) switches.