Cisco 发布了21个安全公告,以应对发现于Cisco IOS及IOS XE软件中的多个漏洞。远端攻击者可以向受影响系统发出特制的封包(packet)、框架(frame)或信息从而攻击这些漏洞。通过认证的本机攻击者也可以绕过认证或向受影响系统植入指令,或上载恶意的软件映像(software image)或档案从而攻击这些漏洞。
成功利用这些漏洞可以导致权限提升、执行任意程式码、绕过保安措施、服务受阻断或重启受影响的系统,视乎攻击者利用哪个漏洞而定。
适用于受影响系统的修补程式已可获取。受影响系统的用户应遵从产品供应商的建议,立即采取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。
用户可联络其产品支援供应商,以取得修补程式及有关支援。
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-catalyst6800
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-memleak
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cmp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-digsig
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-errdisable
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-iosxe-cmdinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ir800-memwrite
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-macsec
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ospfv3-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-pnp-memleak
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-privesc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-shell-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sm1t3e3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-tacplus
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-vtp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webdos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webuidos
https://www.hkcert.org/my_url/zh/alert/18092701
https://www.us-cert.gov/ncas/current-activity/2018/09/26/Cisco-Releases-Security-Updates-Multiple-Products
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15377