Oops, they did it again: Cisco finds new vulns in kit it patched in June

Some Cisco wireless routers patched in June have made it back onto sysadmins' sleepless night lists again.

The RV110W, RV130W and RV215 (which had an HTTP parsing vuln previously) have turned up a command line interface parsing bug. While the CLI isn't a remote vuln, a local user can execute shell commands with full admin privileges.

A separate critical fix for the same units has been issued to kill off static credentials for a default account that mistakenly has root privileges.

Unified Communications Manager IM and Presence Service admins have a patch to run in for various versions, because a crafted SIP packet can crash the SIP Proxy Daemon (sipd).

If you've got an RV180 VPN or RV180W router, take a good hard look at your company's e-waste policy. The devices are on Cisco's end-of-life list and won't get patches.

There's an HTTP validation bug that lets arbitrary commands through the net, executing with root privileges; and HTTP also lets an outsider see directories that “should be restricted”.

For both bugs, the advice is to disable remote management; if this isn't possible, restrict access to specific remote IP addresses. And send them to switch heaven, ASAP. ®