Hi Guys,
I've been tasked with a right ball ache of a task at work. Basically they've got a security device than scans and checks for vulnerabilities on all devices in our network. We've got well over 500 device in our network, and this has highlighted like 20 vulnerabilities for each device (so i've got a huge document of problems to fix). For example, on one of the devices, the vulnerabilities are listed below. I really have no idea how to suggest a fix for every vulnerability for every device. Since most of the devices are Cisco routers that are running 12.4T, we could just upgrade to 15.x and cross our fingers, however we don't have maintence contract so we would have to purchase them. And they won't purchase them unless I've said it will fix all these problems. So I'm stuck with what I can do.. Any suggestions?
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100324-sip) |
| Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability (cisco-sa-20100324-ldp) |
| Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability (cisco-sa-20100324-sccp) |
| Cisco IOS Software Crafted TCP Packet Denial of Service Vulnerability (cisco-sa-20100324-tcp) |
| Cisco IOS Software Tunnels Vulnerability (cisco-sa-20090923-tunnels) |
| Cisco Unified Communications Manager Express Denial of Service Vulnerabilities (cisco-sa-20100324-cucme) |
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100922-sip) |
| Cisco IOS Software Multicast Source Discovery Protocol Vulnerability (cisco-sa-20120328-msdp) |
| Cisco IOS DNS Cache Poisoning Vulnerability (cisco-sa-20080708-dns) |
| Cisco IOS Software Data-Link Switching Vulnerability (cisco-sa-20110928-dlsw) |
| Cisco IOS Software Network Address Translation Vulnerabilities (cisco-sa-20100922-nat) |
| Cisco IOS SSL VPN Memory Leak Denial of Service Vulnerability (cisco-sa-20100922-sslvpn) |
| Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability (cisco-sa-20090923-tls) |
| Cisco IOS Software H.323 Denial of Service Vulnerability (cisco-sa-20090923-h323) |
| Cisco IOS cTCP Denial of Service Vulnerability (cisco-sa-20090325-ctcp) |
| Cisco IOS Software WebVPN and SSLVPN Vulnerabilities (cisco-sa-20090325-webvpn) |
| Cisco IOS Software Multiple Features IP Sockets Vulnerability (cisco-sa-20090325-ip) |
| Cisco IOS IPS Denial of Service Vulnerability (cisco-sa-20080924-iosips) |
| Cisco IOS Software Firewall Application Inspection Control Vulnerability |
| Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability (cisco-sa-20090325-ud) |
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20090325-sip) |
| Cisco IOS Software Authentication Proxy Vulnerability (cisco-sa-20090923-auth-proxy) |
| Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability(cisco-sa-20090923-sip) |
| Cisco IOS Software TCP State Manipulation Denial of Service Vulnerabilities (cisco-sa-20090908-tcp24) |
| Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities (cisco-sa-20090325-mobileip) |
| Cisco IOS Software Secure Copy Privilege Escalation Vulnerability (cisco-sa-20090325-scp) |
|
