<Cisco 취약 '가능' 모델> (현재 조사중이며 의심리스트에 해당하지 않으면 취약하지 않은것으로 판단)

출처: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181019-libssh


Collaboration and Social Media

•Cisco Webex Meetings Server


Network Application, Service, and Acceleration

•Cisco Cloud Services Platform 2100


Network and Content Security Devices

•Cisco Content Security Management Appliance (SMA)

•Cisco Email Security Appliance (ESA)

•Cisco Identity Services Engine (ISE)

•Cisco Web Security Appliance (WSA)


Network Management and Provisioning

•Cisco Enterprise Service Automation

•Cisco NetFlow Generation Appliance

•Cisco Network Analysis Module

•Cisco Prime Network Registrar Virtual Appliance

•Cisco WAN Automation Engine (WAE)


Routing and Switching - Enterprise and Service Provider

•Cisco Application Policy Infrastructure Controller (APIC)


Voice and Unified Communications Devices

•Cisco IP Interoperability and Collaboration System (IPICS)

•Cisco Management Heartbeat Server


Video, Streaming, TelePresence, and Transcoding Devices

•Cisco Cloud Object Storage

•Cisco DCM Series D990x Digital Content Manager

•Cisco Video Surveillance 4300E and 4500E High-Definition IP Cameras


Wireless

•Cisco Wireless LAN Controller


Cisco Cloud Hosted Services

•Cisco Smart Software Manager Satellite

•Cisco Virtual HetNet


<F5 Network 취약제품> 패치無

출처: https://support.f5.com/csp/article/K52868493


•BIG-IP(D 747104) (AFM) 14.0.0  

•BIG-IP(D 747104) (AFM) 13.0.0 - 13.1.1

•BIG-IP(D 747104) (AFM) 12.1.0 - 12.1.3


<Debian 취약버전> 패치有 

출처: https://www.debian.org/security/2018/dsa-4322


•0.7.3-2+deb9u1 


<Ubuntu 취약버전> 패치有

출처: https://usn.ubuntu.com/3795-1/


•Ubuntu 18.04 LTS

•Ubuntu 16.04 LTS

•Ubuntu 14.04 LTS

•위 버전의 파생버전


<Suse 취약버전> 패치有

https://www.suse.com/security/cve/CVE-2018-10933/


•Linux Enterprise 12

•Linux Enterprise 15


<관련 CVE코드>

CVE-2018-1033

PoC : https://github.com/hackerhouse-opensource/cve-2018-10933


<대응방안>

Tenable, libssh 취약여부 진단 Nessus 플러그인 배포

출처: https://www.tenable.com/blog/libssh-vulnerable-to-authentication-bypass-cve-2018-10933

플러그인 리스트: https://www.tenable.com/plugins/search?q=cves%3A(%22CVE-2018-10933%22)&sort=&page=1



저작자표시 비영리 변경금지

'Vulnerability' 카테고리의 다른 글

[2018.10.26] ASRock 드라이버에 다수의 취약점 발견 (CVE-2018-10709-12)  (0) 2019.03.06
[2018.10.25] Windows 제로데이 무작위 파일 삭제 취약점  (0) 2019.03.06
[2018.10.22] jQuery 파일 업로드 플러그인 취약점(CVE-2018-9206)  (0) 2019.03.05
[2018.10.17] iPhone 암호 우회 취약점  (0) 2019.03.05
[2018.10.10] Dell 서버 취약점  (0) 2019.03.05

+ Recent posts

티스토리툴바