GestiónVulnerabilidades-Activos TI - BPP Actividad 14

ID Activo SO001 SO002 SO003 FW001 AP001 SW001
Clase de Activo Sistema Operativo Sistema Operativo Sistema Operativo Firewall Access Point Switch
Direccin IP
Nombre Activo Windows Server 2003 Windows 7 Windows Server 2008 Cisco ASA 5500 AP Cisco Aironet Cisco Catalyst 3560
SOF001 TVOP001 SOF002 SOF003
Software Telefono Navegador Office
Asterisk Telefono VOIP Internet Explorer Microsoft Office
Descripcin del Activo de TI Soporta aplicaciones o servicios corporativos Sistema operativo de usuario final Terminal Server Firewall de la red corporativa Punto de Acceso inalambrico Switch de Core Asterisk es un programa de software libre (bajo licencia GPL) que proporciona funcionalidades de una central telefnica (PBX) para telefonia VOIP. Telefono Grandstream que permite la comunicacin por Voz sobre IP Navegador Web Internet Explorer Herramienta de Ofimtica
Fabricante Microsoft Microsoft Microsoft Cisco Cisco Cisco
URL Fabricante
Asterisk Grandstream Microsoft Microsoft
Ubicacin Piso 1 Sala de Internet Piso 1 Piso 1 Piso 1 Piso 1
Propietario Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas
Cantidad 2 30 5 4 10 2
Piso 1 oficinas administrativas Sala de Internet Sala de Internet
Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas
1 40 30 30
Servicio o Procesos del negocio Gestin de Prstamos Gestin de Prstamos Internet y Wifi Internet y Wifi Internet y Wifi Internet y Wifi
Valor (Segn el Riesgo)
Gestin de Prstamos Gestin de Prstamos Gestin de Prstamos Internet y Wifi
Nombre Activo de TI
Fuente (URL) Aviso
Fecha Aparicin Internet
Windows Server 2008
http://www.cvedetails.com/cve/CVE-20120157/
3/13/2012
Windows Server 2008
2/14/2012
Windows Server 2008
2/14/2012
Windows Server 2008
1/10/2012
Windows Server 2008
1/17/2012
Cisco ASA 5500
3/12/2012
Cisco ASA 5500
3/14/2012
Cisco ASA 5500
3/14/2012
Cisco ASA 5500
3/14/2012
Cisco ASA 5500
3/14/2012
AP Cisco Aironet
http://cert.inteco.es/vulnDetail/Actualidad /Actualidad_Vulnerabilidades/detalle_vuln erabilidad/CVE-2009-2861
8/28/2009
AP Cisco Aironet
8/27/2009
AP Cisco Aironet
1/22/2006
AP Cisco Aironet
11/12/2005
AP Cisco Aironet
4/9/2002 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020409-aironet-te
Cisco Catalyst 3560
12/15/2005
Cisco Catalyst 3560
https://supportforums.cisco.com/thread/210 7248
9/28/2011
Cisco Catalyst 2960
https://supportforums.cisco.com/thread/2 107248
9/28/2011
Cisco Router 2921
http://www.securityfocus.com/archive/1/5 17863
5/4/2011
Cisco Router 2921
http://www.securityfocus.com/archive/1/5 17865/30/0/threaded
5/4/2011
Asterisk
http://osvdb.org/show/osvdb/80125
3/15/2012
Asterisk
3/15/2012
Asterisk
1/15/2012
Asterisk
7/18/2011
Asterisk
8/12/2011
Telefono VOIP
8/22/2007
Internet Explorer
http://www.securityfocus.com/bid/45246
12/22/2010
Internet Explorer
6/1/2010
Internet Explorer Internet Explorer
3/9/2010 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0806 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0483 4/13/2010
Internet Explorer
3/25/2012
Microsoft Office
12/13/2011
Microsoft Office
12/13/2011
Microsoft Office
9/15/2011
Microsoft Office
9/15/2011
Microsoft Office
9/15/2011
Fecha Publicacin por el Fabricante
http://technet.microsoft.com/enus/security/bulletin/ms12-018
3/13/2012
http://technet.microsoft.com/security/bulletin/MS12008
2/14/2012
2/14/2012
1/10/2012
1/17/2012
http://tools.cisco.com/security/center/content/CiscoSe curityAdvisory/cisco-sa-20120314-asaclient
3/12/2012
http://tools.cisco.com/security/center/content/CiscoSe curityAdvisory/cisco-sa-20120314-asa
3/14/2012
3/14/2012
3/14/2012
3/14/2012
http://tools.cisco.com/security/center/viewAlert.x?alert Id=18919
2/27/2009
http://www.airmagnet.com/assets/AM_Technote_SkyJa ck_082509.pdf
2/27/2009
http://tools.cisco.com/security/center/content/CiscoSe curityAdvisory/cisco-sa-20060112-wireless
1/22/2006
http://tools.cisco.com/security/center/content/CiscoSe curityAdvisory/cisco-sa-20051102-lwapp
11/12/2005
4/9/2002 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020409-aironet-telnet
http://www.cisco.com/warp/public/cc/pd/si/casi/ca350 0xl/index.shtml
12/15/2005
https://supportforums.cisco.com/thread/2107248
9/28/2011
https://supportforums.cisco.com/thread/2107248
9/28/2011
http://tools.cisco.com/security/center/content/CiscoSe curityResponse/cisco-sr-20110505-ios
5/4/2011
http://www.securityfocus.com/archive/1/517865/30/0/ threaded
5/4/2011
http://downloads.asterisk.org/pub/security/AST-2012002.html
3/14/2012
3/14/2012
1/15/2012
7/18/2011
8/12/2011
http://archives.neohapsis.com/archives/fulldisclosure/2 007-08/0401.html
8/22/2007
12/22/2010
http://www.microsoft.com/technet/security/Bulletin/MS11-003.mspx
6/12/2010
http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx http://www.microsoft.com/technet/security/Bulletin/M S10-022.mspx http://vreugdenhilresearch.nl/Pwn2Own-2010Windows7-InternetExplorer8.pdf
3/16/2010 4/13/2010
03/25/2010
12/13/2011
12/13/2011
http://technet.microsoft.com/enus/security/bulletin/MS11-072
9/15/2011
9/15/2011
9/15/2011
Categora
Identificador (CVE) de la Vulnerabilidad
Nombre Vulnerabilidad
Importante
CVE-2012-0157
Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege
Importante
CVE-2012-0154
Keyboard Layout Use After Free Vulnerability
Importante
CVE-2012-0148
AfdPoll Elevation of Privilege Vulnerability
Importante
CVE-2012-0005
CSRSS Elevation of Privilege Vulnerability
Importante
CVE-2010-5082
Color Control Panel Insecure Library Loading Vulnerability
Critico
CVE-2012-0358 CSCtr00165
CISCO 20120314 Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability
Importante
CVE-2012-0356
CISCO 20120314 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
Importante
CVE-2012-0355
Importante
CVE-2012-0354
Importante
CVE-2012-0353
Importante
CVE-2009-2861 CSCtb56664.
Vulnerabilidad en Cisco Aironet Lightweight Access Point
Importante
CVE-2009-2976
Vulnerabilidad en los dispositivos Cisco Aironet Lightweight Access Point
Importante
CVE-2006-0354 CSCsc16644
Access Point Memory Exhaustion from ARP Attacks
Importante
CVE-2005-3482
Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access
Importante
cisco-sa-20020409
Aironet Telnet Vulnerability
Importante
CVE-2005-4258
Multiple Unspecified Cisco Catalyst Switches LanD Packet Denial Of Service Vulnerability
Importante
2363 - CVE-MAP-NOMATCH
SSH vulnerability in Cisco Catalyst
Importante
2363 - CVE-MAP-NOMATCH
SSH vulnerability in Cisco Catalyst
Importante
N/A
Cisco IOS Software Denial of Service Vulnerabilities
Importante
N/A
Cisco IOS SNMP Message Processing Denial Of Service Vulnerability
Importante
osvdb: 80125
Asterisk Request Response Port SIP Peer Enumeration
Importante
osvdb: 80126
Asterisk main/utils.c ast_parse_digest() Function HTTP Digest Authentication String Parsing Remote Overflow
Importante
CVE-2012-0885
Asterisk main/utils.c ast_parse_digest() Function HTTP Digest Authentication String Parsing Remote Overflow
Importante
osvdb: 77597
Asterisk Request Response Port SIP Peer Enumeration
Importante
osvdb: 77598
Asterisk channels/chan_sip.c handle_request_info() Function SIP Packet Parsing Remote DoS
Importante
isvdb: 40185
Grandstream SIP Phone GXV-3000 Crafted SIP INVITE Message Privilege Escalation
Critica
CVE-2010-3971
Ejecucin de cdigo remoto no autorizado dentro del proceso iex
Critica
Vulnerabilidad de denegacin de servicio remota
Importante Importante
CVE-2010-0806 CVE-2010-0483
Ejecucin de cdigo arbitrario Ejecucin de cdigo arbitrario
Importante
CVE-2010-1118
Ejecucin de cdigo arbitrario
Importante
CVE-2011-3413
OfficeArt Shape RCE Vulnerability
Importante
CVE-2011-3413
Record Memory Corruption Vulnerability
Importante
CVE-2011-1990
Excel Out of Bounds Array Indexing Vulnerability
Importante
CVE-2011-1989
Excel Conditional Expression Parsing Vulnerability
Importante
CVE-2011-1988
Excel Heap Corruption Vulnerability
Descripcin de la Vulnerabilidad win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a crafted application that calls the PostMessage function, aka "PostMessage Function Vulnerability." Use-after-free vulnerability in win32k.sys in the kernelmode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers keyboard layout errors, aka "Keyboard Layout Use After Free Vulnerability. afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "AfdPoll Elevation of Privilege Vulnerability." The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability."
Versiones Afectadas
Impacto
XP SP3, 2003 SP2, Vista SP2, 2008 SP2, 7 SP1, 2008 R2 SP1
Medio
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit
Medio
Bajo
Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2
Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows Microsoft Windows Server local users to gain privileges via a Trojan horse sti.dll 2008 SP2, R2, and R2 file in the current working directory, as demonstrated by SP1 a directory that contains a .camp, .cdmp, .gmmp, .icc, or .icm file, aka "Color Control Panel Insecure Library Loading Vulnerability."
Bajo
Cisco Adaptive Security Buffer overflow in the Cisco Port Forwarder ActiveX Appliances (ASA) 5500 control in cscopf.ocx, as distributed through the series devices with Clientless VPN feature on Cisco Adaptive Security software 7.0 through 7.2 Appliances (ASA) 5500 series devices with software before 7.2(5.6), 8.0 before 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.0(5.26), 8.1 before 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.1(2.53), 8.2 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), 8.2(5.18), 8.3 before allows remote attackers to execute arbitrary code via 8.3(2.28), 8.2 before unspecified vectors, aka Bug ID CSCtr00165. 8.4(2.16), and 8.6 before 8.6(1.1), (ASA) 5500 series devices, and the ASA Cisco ASA 5500 Series Adaptive Security Appliances Services Module (ASA) and Cisco Catalyst 6500 Series ASA Services (ASASM) in Cisco Module (ASASM) are affected by the following Catalyst 6500 series vulnerabilities: devices, with software 7.0 Cisco ASA UDP Inspection Engine Denial of Service through 7.2 before Vulnerability 7.2(5.7), 8.0 before Cisco ASA Threat Detection Denial of Service 8.0(5.27), 8.1 before Vulnerability 8.1(2.53), 8.2 before Cisco ASA Syslog Message 305006 Denial of Service 8.2(5.8), 8.3 before Vulnerability 8.3(2.25), 8.4 before Protocol Independent Multicast Denial of Service 8.4(2.5), and 8.5 before Vulnerability 8.5(1.2) and the Firewall These vulnerabilities are independent of each other; a Services Module (FWSM) release that is affected by one of the vulnerabilities 3.1 and 3.2 before 3.2(23) may not be affected by the others. and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 (ASA) 5500 series devices, and the ASA Cisco ASA 5500 Series Adaptive Security Appliances Services Module (ASA) and Cisco Catalyst 6500 Series ASA Services (ASASM) in Cisco Module (ASASM) are affected by the following Catalyst 6500 series vulnerabilities: devices, with software 7.0 Cisco ASA UDP Inspection Engine Denial of Service through 7.2 before Vulnerability 7.2(5.7), 8.0 before Cisco ASA Threat Detection Denial of Service 8.0(5.27), 8.1 before Vulnerability 8.1(2.53), 8.2 before Cisco ASA Syslog Message 305006 Denial of Service 8.2(5.8), 8.3 before Vulnerability 8.3(2.25), 8.4 before Protocol Independent Multicast Denial of Service 8.4(2.5), and 8.5 before Vulnerability 8.5(1.2) and the Firewall These vulnerabilities are independent of each other; a Services Module (FWSM) release that is affected by one of the vulnerabilities 3.1 and 3.2 before 3.2(23) may not be affected by the others. and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500
Alto
Medio
Medio
(ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series The Threat Detection feature on Cisco Adaptive devices, with software 7.0 Security Appliances (ASA) 5500 series devices, and through 7.2 before the ASA Services Module (ASASM) in Cisco Catalyst 7.2(5.7), 8.0 before 6500 series devices, with software 8.0 through 8.2 8.0(5.27), 8.1 before before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.1(2.53), 8.2 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) 8.2(5.8), 8.3 before allows remote attackers to cause a denial of service 8.3(2.25), 8.4 before (device reload) via (1) IPv4 or (2) IPv6 packets that 8.4(2.5), and 8.5 before trigger a shun event, aka Bug ID CSCtw35765. 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 (ASA) 5500 series The UDP inspection engine on Cisco Adaptive Security devices, and the ASA Appliances (ASA) 5500 series devices, and the ASA Services Module Services Module (ASASM) in Cisco Catalyst 6500 (ASASM) in Cisco series devices, with software 8.0 before 8.0(5.25), 8.1 Catalyst 6500 series before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before devices, with software 8.0 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) before 8.0(5.25), 8.1 does not properly handle flows, which allows remote before 8.1(2.50), 8.2 attackers to cause a denial of service (device reload) before 8.2(5.5), 8.3 before via a crafted series of (1) IPv4 or (2) IPv6 UDP 8.3(2.22), 8.4 before packets, aka Bug ID CSCtq10441. 8.4(2.1), La funcionalidad Over-the-Air Provisioning (OTAP) en dispositivos Cisco Aironet Lightweight Access Point 1100 y 1200 no implementan apropiadamente la asociacin al punto de acceso, lo que permite a los Cisco Aironet Lightweight atacantes remoto suplantar un controlador y causar Access Point 1100 y 1200 una denegacin de servicio (parada de servicio) a travs de una gestin de paquetes de radio remota (RRM) manipulados, tambin conocidos como "SkyJack" o Bug ID CSCtb56664. Los dispositivos Cisco Aironet Lightweight Access Point (AP) envan el contenido de ciertos paquetes de multidifusin en texto plano, lo que permite a atacantes Cisco Aironet Lightweight remotos descubrir las direcciones IP y MAC del Access Point 1100 y 1200 Wireless LAN Controller as como los detalles de configuracin del Punto de Acceso (AP) espiando la red wireless.
Medio
Medio
Medio
Medio
Cisco Aironet 1400 Series Wireless Bridges Cisco Aironet 1300 Series Access Points Cisco Aironet 1240AG Cisco IOS before 12.3-7-JA2 on Aironet Wireless Series Access Points Access Points (WAP) allows remote authenticated Cisco Aironet 1230AG users to cause a denial of service (termination of Series Access Points packet passing or termination of client connections) by Cisco Aironet 1200 Series sending the management interface a large number of Access Points spoofed ARP packets, which creates a large ARP table Cisco Aironet 1130AG that exhausts memory, aka Bug ID CSCsc16644 Series Access Points Cisco Aironet 1100 Series Access Points Cisco Aironet 350 Series Access Points running IOS
Bajo
Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.
Cisco 1200, 1131, and 1240 series access points controlled by Cisco 2000 and 4400 series Airespace Wireless LAN (WLAN) Controllers that are running software version 3.1.59.24 are affected by this vulnerability.
Bajo
It is possible to cause a denial-of-service attack if Cisco Aironet products have Telnet access enabled. Telnet access is the only requirement for such an attack; there are no additional conditions. Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Recently we have been warn by our security team for a SSH vulnerability been detected on our Cisco devices (Cisco catalyst 2960, 3560) using McAfee Foundstone
All releases up to, but excluding, 11.21 are vulnerable.
Cisco Catalyst, FreeIPS FreeIPS 1.0
Bajo
Cisco catalyst 3560
Bajo
Recently we have been warn by our security team for a SSH vulnerability been detected on our Cisco devices (Cisco catalyst 2960, 3560) using McAfee Foundstone A potential denial of service condition may exist in Cisco's IOS firmware.
Cisco catalyst 2960
Bajo
The problem reportedly occurs when a large number of Cisco Router 2921 UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful It has been reported that the Cisco Internet Operating System (IOS) is affected by a remote SNMP message processing denial of service vulnerability. This issue may be leveraged to cause a denial of service Cisco router 2921/K9 IOS condition in the affected device. The denial of service 15.0<1r>M6 is due to the process consumed all available CPU resources in the affected device.The device may have to be reset manually if the attack is successful. The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.4.x before 1.4.43, 1.6.x 1.8.x before 1.8.7.2 uses different port numbers for before 1.6.2.21, and 1.8.x responses to invalid requests depending on whether a before 1.8.7.2 SIP username exists, which allows remote attackers to enumerate usernames via a series of requests The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.4.x before 1.4.43, 1.6.x 1.8.x before 1.8.7.2 uses different port numbers for before 1.6.2.21, and 1.8.x responses to invalid requests depending on whether a before 1.8.7.2 SIP username exists, which allows remote attackers to enumerate usernames via a series of requests chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple. The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests.
Medio
Medio
Medio
Medio
1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2
Medio
All
Alto
channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests. The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.
All
Alto
GXV3000
El error se produce en la librera "mshtml.dll". Puede permitir que, al visitar una pgina web maliciosa, se ejecute cdigo en el ordenador comprometido, para, entre otras cosas, controlarla remotamente.
IE 6, 7 y 8
Alto
Microsoft Internet Explorer CSS 'expression' Vulnerabilidad de denegacin de Servicio remota Los atacantes pueden aprovechar este problema de atraer a un usuario desprevenido para ver una pgina web especialmente diseado. IE 6, 7 y 8
Versiones vulnerables de Internet Explorer 6, 7, y 8 Vulnerabilidad en Internet Explorer que podra permitir la ejecucin de y 7 IE 6 cdigo arbitrario en las versiones IE vulnerables, y podria ca
Vulnerabilidad en Internet Explorer que podra permitir la ejecucin 6, 7cdigo arbitrario visitando una pgina web especialmente ma IE de y 8 Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010. Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability."
IE 6, 7 y 8
2007 y 2008 (mac)
Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an unspecified array index, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."
2003 y 2004 (mac)
Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; O
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel 2007 SP2; Excel in Excel Services on Office SharePoint Server 2007 SP2; Office 2007 SP2; Excel Excel Services on Office SharePoint Server 2010 Gold Viewer SP2; O and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability." Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and Excel 2007 SP2; Excel in PowerPoint 2007 File Formats SP2 do not properly Office 2007 SP2; Excel parse records in Excel spreadsheets, which allows Viewer SP2; O remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Heap Corruption Vulnerability."
Solucin Temporal (Workaround)
Fecha en Internet Solucin Temporal
The workaround for this vulnerability is to disable Telnet access.
Fecha Implementacin Solucin Temporal
Solucin definitiva
Aplicar los parches del boletin de seguridad http://technet.microsoft.com/enus/security/bulletin/ms12-018
Actualizar de versin segn el iOS http://tools.cisco.com/security/center/content/ CiscoSecurityAdvisory/cisco-sa-20120314asaclient
Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/ CiscoSecurityAdvisory/cisco-sa-20120314-asa
Cisco has made free software available to address this vulnerability for affected customers. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warr anty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/swusingswc.shtml. Cisco has made free software available to address this vulnerability for affected customers. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/public/swlicense-agreement.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/swusingswc.shtml. This vulnerability is fixed in release 11.21, which is available now. Currently we are not aware of any vendorsupplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>. Our ssh version is 2.0 and we did change the RSA key to 2048 but then the result still the same.
Our ssh version is 2.0 and we did change the RSA key to 2048 but then the result still the same.
Currently there are not any vendor-supplied patches for this issue.
Currently there are not any vendor-supplied patches for this issue.
Upgrade to version 1.4.44, 1.6.2.23, 1.8.10.1 or 10.2.1 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Upgrade to version 1.4.44, 1.6.2.23, 1.8.10.1 or 10.2.1 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Upgrade to version 10.0.1 or higher or 1.8.8.2 or higher, as it has been reported to fix this vulnerability
Upgrade to version 10.0.1 or higher or 1.8.8.2 or higher, as it has been reported to fix this vulnerability
Upgrade to version 1.6.2.21 or higher or 1.8.7.2 or higher, as it has been reported to fix this vulnerability
Actualizar el Firmware http://www.grandstream.com/support/firmware La solucin propuesta por Microsoft: utilizar Enhanced Mitigation Experience Toolkit (EMET) de Microsoft. Esta herramienta permite que todas las DLL cargadas por un programa sean obligadas a usar ASLR. Esto quiere decir que sern colocadas en lugares aleatorios de la memoria. La solucin es para cada uno de los equipos y no se controla desde el dominio
Aplicar en los servidores y en los PCs la actualizacion KB980182
Aplicar en los servidores y en los PCs la actualizacion KB980182 Actualizar http://www.microsoft.com/en-us/default.aspx
Actualizar http://www.microsoft.com/en-us/default.aspx
Aplicar los parches del boletin MS MS11-094
Fecha Solucin Definitiva por el Fabricante
Fecha Implementacin Solucin Definitiva
3/13/2012
2/14/2012
2/14/2012
1/10/2012
1/17/2012
3/12/2012
3/14/2012
3/14/2012
3/14/2012
3/14/2012
1/12/2006
11/12/2005
4/9/2002
12/15/2005
9/28/2011
9/28/2011
3/15/2012
3/15/2012
1/15/2012
7/18/2011
8/12/2011
12/8/2010
6/16/2010
3/30/2010 4/13/2010
3/25/2010
12/13/2011
12/13/2011
9/15/2011
9/15/2011
9/15/2011
Nro de OC
Observacin
Servicios o Procesos Crticos del negocio Gestin de Catalogo en Linea Gestin de Afiliacin Gestin de Prstamos Gestin de Reservas de materiales Gestin de Renovacin del prstamo Internet y WIFI Visitas guiadas Referencia y orientacin a los usuarios Cursos y capacitaciones Talleres (escritores, msica, artes) Salas de exposicin y auditorio
Descripcin
Proceso para la Afiliacin, prstamo, reserva y renovacin
Ofrecer a los diferentes pblicos (nios, jvenes, adultos) acceso gratuito de internet
Confidencialidad Disponibildiad Integridad
Trazabilidad Total
Alto=10
Medio=5
Bajo
Alto
Media
Bajo
16
Bajo
Media
Media
Bajo
11
Bajo=1
Nombre Activo de TI AP Cisco Aironet 5
Asterisk
Cisco ASA 5500 5 5
Cisco Catalyst 2960 Cisco Catalyst 3560 Cisco Router 2921 Internet Explorer Telefono VOIP 1 2 2 4
Windows Server 2008 (vaco) 5
Microsoft Office Resultado Total 5 35
ACTIVOS Asterisk ubuntu server cisco2960 joomla Windows 2003 server
VULNERABILIDAD
AMENAZA
FUENTE NATURAL HUMANO
ESCALA RIESGO CUALITATIVO MUY ALTO ALTO MEDIO BAJO 50
DIMENSIONES DISPONIBILIDAD
PROBABILIDADIMPACTO RIESGO CONFIDENCIALIDAD INTEGRIDAD TRAZABILIDAD
Nombre del Activo
Valor Activo (dolares)
Vulnerabilidad
Amenaza
Robo fisico
Inadecuado Control de Seguridad Fisica

Windows Server 2003 1000
Descarga electrica
Intruso Interno Sistema operativo desactualizado

Intruso Externo Escalar privilegios robo de informacion Intruso Externo modificacion de configuracion atacante interno mal manejo de contraseas falta capacitacion perdidas de informacion Caida de la linea Desconfiguracin intencional Consumo de red llamadas no permitidas PoC Cambiar los QoS atacaque de fuerza bruta claves por defecto cambio de configuracin romper WEP AP Roguet suplantacin MAC malware exposicion informacion corporativa en internet phishing Man-in-the-browser Saltar proxy Exploits
Vulnerabilidad SSH
Cisco Catalyst 3560
2000
malas configuraciones
Asterisk
500
Fallas tcnicas
Fallas de software
Configuraciones por defecto

AP Cisco Aironet 700
Cifrado inseguro de la red inalambirca
Navegacin en sitios no autorizados

Navegador internet explorer 20
Vulnerabilidades en el navegador
Rango de ocurrencia al ao 2 veces 2veces
Valor
Probabilidad Impacto % Amenaza
Riesgo x Amenaza (dolares)
Riesgo anual x vulnerabilidad (cuantivativo)
2/365 3/365
0.005479452 0.008219178
70.00% 30.00% 15.00% 60.00% 20.00% 80.00% 60.00% 60.00% 50.00% 45.00% 25.00% 75.00% 0.4 0.3 0.6 0.2 0.5 0.6 0.5 0.9 0.2 0.3 0.7 0.1 0.4
3.835616438 2.465753425 7.123287671
2 veces
4 veces 10 veces
2/365
4/365 10/365 1/365 2/365 4/365 3/365 4/365 2/365 6/365 3/365 4/365 3/365 9/365 4/365 3/365 2/360 8/360 5/360 2/360 2/360 3/360 8/360
0.005479452
0.010958904
0.821917808
6.575342466
0.02739726 0.002739726
0.005479452 0.010958904 0.008219178 0.010958904 0.005479452 0.016438356 0.008219178 0.010958904 0.008219178 0.024657534 0.010958904 0.008219178 0.005555556 0.022222222 0.013888889 0.005555556 0.005555556 0.008333333 0.022222222
5.479452055 2.191780822
6.575342466 13.15068493 8.219178082 9.863013699 2.739726027 24.65753425 1.643835616 5.479452055 2.465753425 2.465753425 2.739726027 2.465753425 1.944444444 14 1.944444444 1.166666667 2.722222222 0.583333333 0.177777778
14.24657534
7 veces
2veces 4 veces 6 veces 4 veces 2 veces 6 veces 3 veces 4 veces 3 veces 9 veces 4 veces 3 veces 2 veces 8 veces 5 veces 2 veces 2 veces 3 veces 8 veces
27.94520548
37.26027397
9.589041096
7.671232877
17.88888889
4.472222222
0.377777778
9 veces 3 veces 2 veces 6 veces 8 veces
9/360 3/360 2/360 6/360 8/360
0.025 0.008333333 0.005555556 0.016666667 0.022222222
0.2 0.6 0.2 0.5 0.4
0.1 0.1 0.022222222 0.166666667 0.177777778 0.366666667
Reisgo x Activo
Riesgo anual Activo (cualitativ o) ESCALA RIESGO CUALITATIVO MUY ALTO ALTO MEDIO BAJO 50
14.24657534

GestiónVulnerabilidades-Activos TI - BPP Actividad 14

Cargado por

Información del documento

Título original

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

GestiónVulnerabilidades-Activos TI - BPP Actividad 14

Cargado por

Copyright:

Formatos disponibles

ID Activo SO001 SO002 SO003 FW001 AP001 SW001

SOF001 TVOP001 SOF002 SOF003

Software Telefono Navegador Office

Asterisk Telefono VOIP Internet Explorer Microsoft Office

Fabricante Microsoft Microsoft Microsoft Cisco Cisco Cisco

Asterisk Grandstream Microsoft Microsoft

Ubicacin Piso 1 Sala de Internet Piso 1 Piso 1 Piso 1 Piso 1

Piso 1 oficinas administrativas Sala de Internet Sala de Internet

Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas Cordinador de Sistemas

Valor (Segn el Riesgo)

Gestin de Prstamos Gestin de Prstamos Gestin de Prstamos Internet y Wifi

Fuente (URL) Aviso

Fecha Aparicin Internet

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008

Cisco ASA 5500

Cisco ASA 5500

Cisco ASA 5500

Cisco ASA 5500

Cisco ASA 5500

http://cert.inteco.es/vulnDetail/Actualidad /Actualidad_Vulnerabilidades/detalle_vuln erabilidad/CVE-2009-2861

http://cert.inteco.es/vulnDetail/Actualidad /Actualidad_Vulnerabilidades/detalle_vuln erabilidad/CVE-2009-2976

http://cert.inteco.es/vulnDetail/Actualidad /Actualidad_Vulnerabilidades/detalle_vuln erabilidad/CVE-2006-0354

http://cert.inteco.es/vulnDetail/Actualidad /Actualidad_Vulnerabilidades/detalle_vuln erabilidad/CVE-2005-3482

Cisco Catalyst 3560

Cisco Catalyst 3560

Cisco Catalyst 2960

Cisco Router 2921

Cisco Router 2921

Internet Explorer Internet Explorer

3/9/2010 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0806 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0483 4/13/2010

Fecha Publicacin por el Fabricante

http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx http://www.microsoft.com/technet/security/Bulletin/M S10-022.mspx http://vreugdenhilresearch.nl/Pwn2Own-2010Windows7-InternetExplorer8.pdf

Identificador (CVE) de la Vulnerabilidad

Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

Keyboard Layout Use After Free Vulnerability

AfdPoll Elevation of Privilege Vulnerability

CSRSS Elevation of Privilege Vulnerability

Color Control Panel Insecure Library Loading Vulnerability

Vulnerabilidad en Cisco Aironet Lightweight Access Point

Vulnerabilidad en los dispositivos Cisco Aironet Lightweight Access Point

Access Point Memory Exhaustion from ARP Attacks

Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access

Aironet Telnet Vulnerability

SSH vulnerability in Cisco Catalyst

SSH vulnerability in Cisco Catalyst

Cisco IOS Software Denial of Service Vulnerabilities

Cisco IOS SNMP Message Processing Denial Of Service Vulnerability

Asterisk Request Response Port SIP Peer Enumeration

Asterisk Request Response Port SIP Peer Enumeration

Asterisk channels/chan_sip.c handle_request_info() Function SIP Packet Parsing Remote DoS

Ejecucin de cdigo remoto no autorizado dentro del proceso iex

Vulnerabilidad de denegacin de servicio remota

Ejecucin de cdigo arbitrario Ejecucin de cdigo arbitrario

Ejecucin de cdigo arbitrario

OfficeArt Shape RCE Vulnerability

Record Memory Corruption Vulnerability

Excel Out of Bounds Array Indexing Vulnerability

Excel Conditional Expression Parsing Vulnerability

Excel Heap Corruption Vulnerability