Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication

2011 年 9 月 29 日 - ライター翻訳版
その他のバージョン: PDFpdf | 英語版 (2011 年 9 月 28 日) | フィードバック

2011 年 9 月 28 日

シスコは半期に一度の Cisco IOS ソフトウェア セキュリティ アドバイザリ バンドル公開を 2011 年 9 月 28 日にリリースしました。お客様のフィードバックに直接対応するため、シスコは毎年 3 月と 9 月の第四水曜日に Cisco IOS ソフトウェア セキュリティ アドバイザリのバンドルをリリースしています。この公開には、Cisco IOS ソフトウェアと Cisco Unified Communications Manager の脆弱性に対処する 10 件のセキュリティ アドバイザリが含まれています。個々の脆弱性が悪用されると、コードのリモート実行またはサービス拒否(DoS)状態が発生するおそれがあります。

Cisco IOS ソフトウェア チェッカーを使用すれば、特定の Cisco IOS ソフトウェア リリースがシスコ製品の脆弱性に該当するかどうかをすばやく判断できます。

 

イベント インテリジェンス

以下のテーブルに、この Cisco IOS ソフトウェア セキュリティ アドバイザリ バンドル公開に関連する Cisco Security Intelligence Operations の内容とシスコの緩和策に関する情報を示します。

Cisco Security Advisory
Cisco Applied Mitigation Bulletin
Cisco IntelliShield Alert CVE ID
Search CVEs
CVSS
Base Score
CVSS Q&A

cisco-sa-20110928-c10k

Cisco 10000 Series Denial of Service Vulnerability

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco 10000 Series Router ICMP Packet Processing Denial of Service Vulnerability CVE-2011-3270 7.8

cisco-sa-20110928-smart-install

Cisco IOS Software Smart Install Remote Code Execution Vulnerability

Cisco IOS Software Smart Install Arbitrary Code Execution Vulnerability CVE-2011-3271 10.0

cisco-sa-20110928-dlsw

Cisco IOS Software Data-Link Switching Vulnerability

Cisco IOS Software Data-Link Switching IP Packet Processing Denial of Service Vulnerability CVE-2011-0945 7.8

cisco-sa-20110928-nat

Cisco IOS Software Network Address Translation Vulnerabilities

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software NetMeeting Directory LDAP Network Address Translation Processing Denial of Service Vulnerability CVE-2011-0946 7.8
Cisco IOS Software Session Initiation Protocol Network Address Translation Denial of Service Vulnerability CVE-2011-3276 7.8
Cisco IOS Software H.323 Packet Network Address Translation Denial of Service Vulnerability CVE-2011-3277 7.8
Cisco IOS Software Session Initiation Protocol UDP Packet Network Address Translation Denial of Service Vulnerability CVE-2011-3278 7.8
Cisco IOS Software MPLS Packet Network Address Translation Denial of Service Vulnerability CVE-2011-3279 7.8
Cisco IOS Software Session Initiation Protocol UDP Packet Network Address Translation Denial of Service Vulnerability CVE-2011-3280 7.8

cisco-sa-20110928-ipsla

Cisco IOS Software IP Service Level Agreement Vulnerability

Cisco IOS Software IP Service Level Agreement Memory Corruption Vulnerability CVE-2011-3272 7.8

cisco-sa-20110928-zbfw

Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software Packet Inspection Memory Leak Denial of Service Vulnerability CVE-2011-3273 7.8
Cisco IOS Software HTTP Packet Processing Denial of Service Vulnerability CVE-2011-3281 7.8

cisco-sa-20110928-ipv6mpls

Cisco IOS Software IPv6 over MPLS Vulnerabilities

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software Crafted IPv6 over MPLS Denial of Service Vulnerability CVE-2011-3274 6.1
Cisco IOS Software ICMPv6 Packet Multiprotocol Label Switching Denial of Service Vulnerability CVE-2011-3282 7.8

cisco-sa-20110928-sip

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

Cisco IOS Software Session Initiation Protocol Packet Processing Denial of Service Vulnerability CVE-2011-0939 7.8
Cisco IOS Software and Cisco Unified Communications Manager Session Initiation Protocol Packet Handling Denial of Service Vulnerability CVE-2011-2072 7.8
Cisco IOS Software Session Initiation Protocol Memory Leak Denial of Service Vulnerability CVE-2011-3275 7.8

cisco-sa-20110928-ipv6

Cisco IOS Software IPv6 Denial of Service Vulnerability

Refer to the Workarounds section of the associated Cisco Security Advisory
Cisco IOS Software IPv6 Packet Processing Denial of Service Vulnerability CVE-2011-0944 7.8

cisco-sa-20110928-cucm

Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerability

Cisco IOS Software and Cisco Unified Communications Manager Session Initiation Protocol Packet Handling Denial of Service Vulnerability CVE-2011-2072 7.8

Cisco Security Intelligence Operations に戻る