ITSS-Advisory : MEDIUM : Cisco : Various Products : Various Issues
THREAT LEVEL
============
Medium.
INFORMATION
===========
Cisco has released 8 bulletins in its scheduled announcement for March 2009.
The list of Security Advisories from Cisco is available at:
http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Systems running various versions of IOS with certain features enabled are
affected. A summary of the issues and affected systems follows:
Specially crafted UDP packets may cause blocked input queue
-------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-udp.shtml
Enabled features which may cause the system to be affected:
- IP Service Level Agreements (SLA) Responder
- Session Initiation Protocol (SIP)
- H.323 Annex E Call Signaling Transport
- Media Gateway Control Protocol (MGCP)
Specially crafted TCP packets may cause Denial of Service
------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-tcp.shtml
Enabled features which may cause the system to be affected:
- Airline Product Set (ALPS)
- Serial Tunnel Code (STUN) and Block Serial Tunnel Code (BSTUN)
- Native Client Interface Architecture support (NCIA)
- Data-link switching (DLSw)
- Remote Source-Route Bridging (RSRB)
- Point to Point Tunneling Protocol (PPTP)
- X.25 for Record Boundary Preservation (RBP)
- X.25 over TCP (XOT)
- X.25 Routing
Specially crafted TCP/IP packets may cause Denial of Service
------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-ip.shtml
Enabled features which may cause the system to be affected:
- Cisco Unified Communications Manager Express
- SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport
- Secure Signaling and Media Encryption
- Blocks Extensible Exchange Protocol (BEEP)
- Network Admission Control HTTP Authentication Proxy
- Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass
- Distributed Director with HTTP Redirects
- DNS (TCP mode only)
Unauthenticated remote attack on VPN may cause Denial of Service
----------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-webvpn.shtml
Enabled features which may cause the system to be affected:
- SSLVPN
Attack on Mobile IP NAT or Mobile IPv6 may cause Denial of Service
------------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-mobileip.shtml
Enabled features which may cause the system to be affected:
- Mobile IP NAT Traversal
- Mobile IPv6
SCP vulnerability may allow unauthorised file transfer
------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-scp.shtml
Enabled features which may cause the system to be affected:
- SCP server with role-based ACL access
Remote attack on SIP may cause Denial of Service
------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-sip.shtml
Enabled features which may cause the system to be affected:
- SIP voice services
Attack on Easy VPN server with cTCP may cause Denial of Service
---------------------------------------------------------------
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090325-ctcp.shtml
Enabled features which may cause the system to be affected:
- EZVPN server with cTCP encapsulation
ACTION
======
Administrators of affected systems are advised to review the bulletins, test
and apply relevant fixes.