[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Products
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Wed May 21 12:32:43 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Multiple Vulnerabilities in Cisco NX-OS-Based Products
Advisory ID: cisco-sa-20140521-nxos
Revision 1.0
For Public Release 2014 May 21 16:00 UTC (GMT)
Summary
=======
Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities:
* Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability
* Cisco NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability
* Cisco NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability
* Cisco NX-OS Message Transfer Service Denial of Service Vulnerability
Cisco has released free software updates that address these vulnerabilities.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJTfNQKAAoJEIpI1I6i1Mx3cWQQALMuU9ECOTV//eDDtq4NfEXl
24SkIqEvbpuOvzBJKJSZn44wAxLHDFh32Hh88d2rLy+qkIp8nVzSfIoyXkmucMXu
GF1SkMh4ZUEolon970gtGyX/uaWab7GBH+NWFNlfhVO0bRvZQwkZruORnYLVbPNz
Etkd1NXqWYqPxNLcHW2P12ReZM+nGeJf+5QDgBWhvfpjSKIAE2HeBsRqX3jv7Ly3
IjeyTR9wDE4ywNl7BdNEXdv1Kj4cZX6oGbnDkam/bp0C5K7Zp8LifvCZPBAnlFHt
yBZm1ThTQ+3L+fPjLFoqBCzwD4jRGaG0ADANSnaIsqOysBZNEK3ijFNDjhnLELZh
wS/cizW/7ZaAR0BSfxGUPC9FScy+JfIse7xorJHUyxHC5myTccGtJrzLiOE79sAY
+ta/eatTtsc2GrVnLVDueccY4ZbyCnxsJh/a7ptrgFiZu6cGiIee9bEeZ+Wx8GL3
6WLCq5FE7L0aWIo/r34wYFSUUQ2ibAuyvQUhe9P9lhakOpIClCCcOWThO/u/FzeW
qAyidLsLr5GBjUPLeAbtIxBu9Paa+vfqjr9SbpPHU9BmdBx3vJpT0Vtn8YFlO9tK
odEBUF2bt9v731qeLPpITi9ZEKOZCSDLDgqMr/pUPBTDMSvfkOETHPHyKphMbhjv
7WDINdb1rSQxB5mg/2Sw
=0nWM
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list