Telnet, SSH prod of death smashes Cisco broadband boxes offline

Plus: Login into a stranger's Cisco Meeting account and chat away as them

By Shaun Nichols in San Francisco

Posted in Networks, 12th October 2016 22:59 GMT

Cisco has issued six software updates to address security vulnerabilities in its networking products, ranging from denial of service conditions to authentication bypasses.

The most serious of the flaws is the authentication bypass hole in the Cisco Meeting Server. Cisco warns that, due to improper handling of XMPP messaging, a remote unauthenticated attacker could exploit the vulnerability to gain access to another user's account, and log in to the server with their permissions and chat away as them. The vulnerability, which is exposed in Meeting Server versions 2.0.6 and earlier with XMPP enabled, has been rated as a "critical" risk.

On the Unified Communications Manager (UCM) platform, a patch has been issued to address poor handing of iframe code that potentially allows an attacker to re-route user traffic for clickjacking or phishing attacks.

For companies running Wide Area Application Services (WAAS), Cisco has posted an update to address a denial of service vulnerability in the WAN platform. An attacker can exploit the flaw by flooding the vulnerable appliances with SSL traffic, thanks to a lack of file size limits.

The Cisco cBR-8 Converged Broadband Routers have been found to contain a flaw that allows an attacker to disrupt connections by constantly pinging the router with Telnet and SSH connection requests.

Those who use the Cisco Prime Infrastructure and Evolved Programmable Network Manager for SQL will want to patch up a SQL injection flaw that allowed an attacker to use SQL queries to access stored data or trigger a denial of service.

The Cisco Finesse Agent remote administration software has been updated with a fix for a cross-site request forgery. Should an attack exploit the flaw via a malicious link, the attacker would have access to the target system with the current user's permissions.

Cisco says it is not aware of any attacks in the wild targeting any of the patched vulnerabilities. ®

Sign up to our NewsletterGet IT in your inbox daily

1 Comment

More from The Register

Cisco to release patches for Meltdown, Spectre CPU vulns, just in case

Switchzilla is investigating a whole bunch of products

Dell EMC patches 3 zero-days in Data Protection Suite

Could combine to 'fully compromise' virtual appliance, researchers warn

Cisco patches NetBIOS vuln

Another week, another Cisco-security-kit-needs-a-patch story

Probing last week's ASA and Firepower flaws found another DDOS to deter

Cisco patches switch hijacking hole – the one exploited by the CIA

Telnet security flaw fix finally lands – or just use SSH, yeah?

Oracle corrals and patches Struts 2 vulnerabilities

Big Red issues out-of-band patch for Apache and a few other urgent issues

SAP pushes 25 patches and two patch patches

HANA User Self Service isn't meant to give crims self-service, but it can. And you can plug it

Cisco hugs sysadmins with a bunch more patches

Nexus switch owners, pay attention

IBM melts down fixing Meltdown as processes and patches stutter

RHEL servers croaking, reporting in Excel, customer docs in signoff limbo

Bureau of Statistics hides trade data about monitors. Yes, monitors!

Help us out here readers: why is it useful to hide data on which States import monitors?