Cisco Releases Security Alerts

Cisco has released multiple security alerts to address vulnerabilities in the Unified Communications Manager and IOS. These vulnerabilities may allow a remote unauthenticated attacker to cause a denial-of-service condition, obtain sensitive information, or operate with escalated privileges.

US-CERT encourages users and administrators to review the following Cisco Alerts and apply any necessary updates to help mitigate the risks.

• Cisco Unified Communications Manager Session Initiation Protocol Message Reload Denial of Service Vulnerability
• Cisco IOS Software L2TP Packet Handling Denial of Service Vulnerability
• Cisco IOS Multiprotocol Label Switching Virtual Private Network Information Disclosure Issue
• Cisco IOS Linecard Redundancy Unauthorized Access Vulnerability
• Cisco IOS Software Session Initiation Message Memory Leak Denial of Service Vulnerability
• Cisco IOS Skinny Call Control Protocol Fragmented Message Denial of Service Vulnerability
• Cisco IOS IPS Feature SERVICE.DNS Signature Engine Network Traffic Handling Denial of Service Vulnerability
• Cisco IOS IPC Message Denial of Service Vulnerability
• Cisco IOS Multi Protocol Label Switching Forwarding Infrastructure Denial of Service Vulnerability

Read more: US-CERT Current Activity