Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Cisco Multiple Security Advisories

Number: AV16-066
Date: 21 April 2016

Purpose

The purpose of this advisory is to bring attention to multiple Cisco security advisories.

Assessment

Cisco released multiple security updates to address critical and high vulnerabilities in the following software:

Critical

  • Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability

High

  • Multiple Cisco Products libSRTP Denial of Service Vulnerability
  • Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
  • Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability
  • Cisco Wireless LAN Controller Denial of Service Vulnerability

CVE Reference: CVE-2016-1363, CVE-2015-6360, CVE-2016-1362, CVE-2016-1367, CVE-2016-1364

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos

Date modified: