Cisco patch day closes critical vulnerabilities
Cisco has published ten security advisories as part of its bi-annual patch day. The advisories resolve a number of security vulnerabilities. The most serious vulnerability (CVSS 10) to have been addressed was in Catalyst switches running the company's IOS network operating system software. A bug in the Smart Install remote maintenance feature allowed remote attackers to execute arbitrary code on affected switches.
The other advisories fix denial-of-service (DoS) vulnerabilities in iOS, Unified Communications Manager and 1000 series routers. Cisco has released updates which fix these vulnerabilities; workarounds exist for some of the problems. As promised, Cisco has also fixed the backdoor vulnerability in its Identity Services Engine identity management software.
(ehe)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
