Вы находитесь на странице: 1из 1

For Immediate Release

Cisco IOS Vulnerabilities Can Be Identified By Refense

Raleigh, NC – March 26, 2009 – REFENSE Technologies, the leader in Security Risk Management for
mission critical network infrastructure, has today released new security checks to address vulnerabilities
identified in Cisco’s semi-annual release of Security Advisories. With these new security checks,
REFENSE provides its customers with the ability to audit and analyze their production network devices to
verify whether the vulnerabilities published by Cisco are present and provide mitigation actions necessary
to eliminate the risks.

The new security checks released today identify the following vulnerabilities known to exist within Cisco’s
Internet Operating System (IOS) software. These vulnerabilities are identified by Cisco as follows:

 Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability

 Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability
 Cisco IOS Software Multiple Features IP Sockets Vulnerability
 Cisco IOS Software WebVPN and SSLVPN Vulnerabilities
 Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities
 Cisco IOS Software Secure Copy Privilege Escalation Vulnerability
 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
 Cisco IOS cTCP Denial of Service Vulnerability

Cisco has provided scores for the vulnerabilities of these advisories based on the Common Vulnerability
Scoring System (CVSS). The CVSS scoring for these Security Advisories range from 7.1 to 7.8 and are
done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys
vulnerability severity and helps determine urgency and priority of response. To read the full details of
these Cisco Security Advisories, please visit the Cisco website at

REFENSE VMS (turn key appliance) and REFENSE On-Demand (SaaS) are vulnerability & compliance
management solutions for network devices (Routers, Switches, Firewalls & Wireless Access Points) that
provide an automated means of ensuring that security best-practices are applied across every device on
the network. REFENSE can quickly, accurately and non-intrusively identify known vulnerabilities
published by network device vendors such as Cisco Systems and audits non compliance to industry best
practices and regulatory requirements like PCI DSS, HIPAA, FISMA, NSA and DoD, etc

About REFENSE Technologies, Inc.

REFENSE Technologies, Inc. provides Security Risk Management solutions that identify vulnerability,
miss configurations & compliance violations within mission critical network infrastructure. The company
develops solutions that address security concerns within network devices, the very fabric of an IT
infrastructure. Refense VMS detects vulnerabilities internal to the network device such as routers,
switches and wireless access points and provides mitigation intelligence to eliminate the threats. With
REFENSE organizations can ensure the security and policy compliance of their wireless and wired
networks. For more information, visit our website at www.refense.com or call 1-800-432-6187.


Contact: Jeffery Nash, 105 Brooks Avenue, Raleigh, NC 27607 Phone: 919-783-153;