The March 2015 edition of SteelCentral NetAuditor Advisory Service update is now available for versions 18.0.0, 18.0.1, and 18.0.2. This update includes 33 new security advisory rules and 4 updated security advisory rules.

 

  • New Security Advisory Rules
    1. IOS XR IPv6 Malformed Packet DoS Vulnerability (cisco-sa-20150220-ipv6)
    2. GNU glibc gethostbyname Function Buffer Overflow Vulnerability (cisco-sa-20150128-ghost)
    3. SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability (cisco-sa-20151015-poodle)
    4. ASA VPN Failover Command Injection Vulnerability (cisco-sa-20141008-asa)
    5. Riverbed SteelHead Shellshock Vulnerability (S24997)
    6. NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability (cisco-sa-20140521-nxos)
    7. NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability (cisco-sa-20140521-nxos)
    8. NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability (cisco-sa-20140521-nxos)
    9. IOS RSVP Vulnerability (cisco-sa-20140924-rsvp)
    10. IOS SIP DoS Vulnerability (cisco-sa-20140924-sip)
    11. IOS NAT DoS Vulnerability (cisco-sa-20140924-nat)
    12. IOS DHCPv6 DoS Vulnerability (cisco-sa-20140924-dhcpv6)
    13. IOS Metadata Vulnerabilities (cisco-sa-20140924-metadata)
    14. IOS Multicast Domain Name System Vulnerabilities (cisco-sa-20140924-mdns)
    15. GNU Bash Environment Variable Command Injection Vulnerability (cisco-sa-20140926-bash)
    16. ASA SQL*NET Inspection Engine DoS Vulnerability (cisco-sa-20141008-asa)
    17. ASA VPN DoS Vulnerability (cisco-sa-20141008-asa)
    18. ASA IKEv2 DoS Vulnerability (cisco-sa-20141008-asa)
    19. ASA Health and Performance Monitor DoS Vulnerability (cisco-sa-20141008-asa)
    20. ASA GPRS Tunneling Protocol Inspection Engine DoS Vulnerability (cisco-sa-20141008-asa)
    21. ASA SunRPC Inspection Engine DoS Vulnerability (cisco-sa-20141008-asa)
    22. ASA DNS Inspection Engine DoS Vulnerability (cisco-sa-20141008-asa)
    23. ASA VNMC Command Input Validation Vulnerability (cisco-sa-20141008-asa)
    24. ASA Local Path Inclusion Vulnerability (cisco-sa-20141008-asa)
    25. ASA Clientless SSL VPN Information Disclosure and DoS Vulnerability (cisco-sa-20141008-asa)
    26. ASA Clientless SSL VPN Portal Customization Integrity Vulnerability (cisco-sa-20141008-asa)
    27. ASA Smart Call Home Digital Certificate Validation Vulnerability (cisco-sa-20141008-asa)
    28. Riverbed SteelHead OpenSSL Vulnerability (S24204)
    29. Apache HTTPd Range Header DoS Vulnerability (cisco-sa-20110830-apache)
    30. ASA Digital Certificate Authentication Bypass Vulnerability (cisco-sa-20131009-asa)
    31. ASA HTTP Deep Packet Inspection Denial of Service Vulnerability (cisco-sa-20131009-asa)
    32. IOS Software Protocol Translation Vulnerability (cisco-sa-20130327-pt)
    33. IOS Software Protocol Smart Install DoS Vulnerability (cisco-sa-20130327-smartinstall)

 

  • Updated Security Advisory Rules
    1. IOS DHCP DoS Vulnerability (cisco-sa-20130925-dhcp)
    2. Riverbed SteelHead Heartbleed Vulnerability (S23635)
    3. IOS Object-group ACL Bypass Vulnerability (cisco-sa-20090923-acl)
    4. IOS Reverse SSH DoS Vulnerability (cisco-sa-20120328-ssh)

 

You can download this update directly from NetAuditor by:

  • Manually selecting NetDoctor / Advisories / Download Now, or
  • Adding an automation step to download new update.

See user guide section: "Modules / NetDoctor / SteelCentral NetAuditor Advisory Service"

 

You can also download the patch installer from the SAS Website (requires login).

 

Please contact Riverbed Technical Support with your questions/comments.

 

Sincerely,

SteelCentral NPCM Product Management