[c-nsp] Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Products

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Wed May 21 12:32:43 EDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco NX-OS-Based Products

Advisory ID: cisco-sa-20140521-nxos

Revision 1.0

For Public Release 2014 May 21 16:00  UTC (GMT)

Summary
=======

Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities:

  * Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability
  * Cisco NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability
  * Cisco NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability
  * Cisco NX-OS Message Transfer Service Denial of Service Vulnerability
  
Cisco has released free software updates that address these vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTfNQKAAoJEIpI1I6i1Mx3cWQQALMuU9ECOTV//eDDtq4NfEXl
24SkIqEvbpuOvzBJKJSZn44wAxLHDFh32Hh88d2rLy+qkIp8nVzSfIoyXkmucMXu
GF1SkMh4ZUEolon970gtGyX/uaWab7GBH+NWFNlfhVO0bRvZQwkZruORnYLVbPNz
Etkd1NXqWYqPxNLcHW2P12ReZM+nGeJf+5QDgBWhvfpjSKIAE2HeBsRqX3jv7Ly3
IjeyTR9wDE4ywNl7BdNEXdv1Kj4cZX6oGbnDkam/bp0C5K7Zp8LifvCZPBAnlFHt
yBZm1ThTQ+3L+fPjLFoqBCzwD4jRGaG0ADANSnaIsqOysBZNEK3ijFNDjhnLELZh
wS/cizW/7ZaAR0BSfxGUPC9FScy+JfIse7xorJHUyxHC5myTccGtJrzLiOE79sAY
+ta/eatTtsc2GrVnLVDueccY4ZbyCnxsJh/a7ptrgFiZu6cGiIee9bEeZ+Wx8GL3
6WLCq5FE7L0aWIo/r34wYFSUUQ2ibAuyvQUhe9P9lhakOpIClCCcOWThO/u/FzeW
qAyidLsLr5GBjUPLeAbtIxBu9Paa+vfqjr9SbpPHU9BmdBx3vJpT0Vtn8YFlO9tK
odEBUF2bt9v731qeLPpITi9ZEKOZCSDLDgqMr/pUPBTDMSvfkOETHPHyKphMbhjv
7WDINdb1rSQxB5mg/2Sw
=0nWM
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list