Multiple vulnerabilities in Cisco products

Description

Multiple serious vulnerabilities have been found in Cisco products.

Below is a complete list of vulnerabilities

1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via a specially designed OS commands;
2. An unknown vulnerability in Cisco CSS can be exploited remotely via a specially designed SSH packets;
3. Improper DNS implementation in Cisco VDS-IS can be exploited remotely via a specially designed packets;
4. XSS vulnerability in Cisco WebEx Meetings Server can be exploited remotely via an unspecified vectors.

Original advisories

Related products

• Cisco-WebEx-Meetings-Server
• Cisco-Videoscape-Distribution-Suite-for-Internet-Streaming
• Cisco-Virtual-TelePresence-Server

CVE list

• CVE-2015-0671
  critical
• CVE-2015-0668
  warning
• CVE-2015-0660
  high
• CVE-2015-0667
  critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com