Security Hero Rotating Header Image

August, 2006:

NAC Agent Installation Bypass

NAC Agent Installation Bypass

This is the Cisco PSIRT response to the statements made by Andreas Gal and Joachim Feise in their advisory entitled “NAC agent installation bypass”, available at http://www.securityfocus.com/archive/1/444424/30/0/threaded We greatly appreciate the opportunity to work with researchers on security vulnerabilities, and welcome the opportunity to review and assist in product reports.

URL: http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html

Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit – 8/24/2006

Microsoft Security Advisory (923762): Long URLs to sites using HTTP 1.1 and compression Could Cause Internet Explorer 6 Service Pack 1 to Unexpectedly Exit – 8/24/2006

Revision Note: Advisory updated to direct customers to the revised version of Microsoft Security Bulletin MS06-042 that includes new updates for Internet Explorer 6 Service Pack 1. Advisory Summary:Microsoft announced last week that it would be re-releasing MS06-042 Tuesday, August 22, 2006 to address an issue affecting Internet Explorer 6 Service Pack 1 customers discussed in Microsoft Knowledge Base Article 923762. Due to an issue discovered in final testing, Microsoft will not be re-releasing MS06-042 today. This update will be re-released for Internet Explorer 6 Service Pack 1 when it meets an appropriate level of quality for broad distribution. Microsoft is also aware of public reports that this issue can lead to a buffer overrun condition for Internet Explorer 6 Service Pack 1 customers that have MS06-042 applied. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time. Microsoft is aggressively investigating the public reports. Only customers using Internet Explorer 6.0 SP1 are affected, all other customers should continue their deployments of MS06-042. Customers using Internet Explorer 6.0 SP 1 should continue their deployment of MS06-042 and follow the existing guidance provided in Knowledge Base article 923762 and the Suggested Actions section of this Security Advisory.

URL: http://www.microsoft.com/technet/security/advisory/923762.mspx

Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability

Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability

This document contains information to assist Cisco customers in mitigating attempts to exploit the Microsoft Server Service Buffer Overflow Vulnerability. There is a remote code execution vulnerability in Server Service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

URL: http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html

Unconfirmed SIP Inspection Vulnerability

Unconfirmed SIP Inspection Vulnerability

This is the initial response from the Cisco Product Security Incident Response Team (PSIRT) in regards to a potential vulnerability originally disclosed at the recent Black Hat USA 2006 Briefings. In a presentation entitled “SIP Stack Fingerprinting and Stack Difference Attacks”, Hendrik Scholz referenced a potential vulnerability in the way the Cisco PIX 500 Series Security Appliances handle inspection of Session Initiation Protocol (SIP) messages.

URL: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/tsd_products_security_response09186a008070d33b.html

Exploit Code Published Affecting the Server Service – 8/13/2006

Microsoft Security Advisory (922437): Exploit Code Published Affecting the Server Service – 8/13/2006

Revision Note: Advisory published. Advisory Summary:Security Advisory

URL: http://www.microsoft.com/technet/security/advisory/922437.mspx

SIP User Directory Information Disclosure

SIP User Directory Information Disclosure

SIP User Directory Information Disclosure

URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/tsd_products_security_response09186a00806fc07e.html