US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.
cisco-sa-20111019-sns: Cisco Show and Share Security Vulnerabilities
This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-sns.
Summary
- The Cisco Show and Share webcasting and video sharing application contains two vulnerabilities.
- The first vulnerability allows an unauthenticated user to access several administrative web pages.
- The second vulnerability permits an authenticated user to execute arbitrary code on the device under the privileges of the web server user account.
- Cisco has released free software updates that address these vulnerabilities.
- There are no workarounds available for these vulnerabilities.
cisco-sa-20111019-cs: CiscoWorks Common Services Arbitrary Command Execution Vulnerability
This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs.
Summary
- CiscoWorks Common Services for Microsoft Windows contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator.
- Cisco has released free software updates that address this vulnerability.
- There are no workarounds that mitigate this vulnerability.
Source: US-CERT
No comments:
Post a Comment