Upload
andres-miranda
View
217
Download
0
Embed Size (px)
Citation preview
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
1/65
ID Activo Clase de Activo Direccin IP Nombre Activo
SO001 Sistema Operativo Windows Server 2003
SO002 Sistema Operativo Windows 7
SO003 Sistema Operativo Windows Server 2008
FW001 Firewall Cisco ASA 5500
AP001 Access Point AP Cisco Aironet
SW001 Switch Cisco Catalyst 3560
SOF001 Software Asterisk
TVOP001 Telefono Telefono VOIP
SOF002 Navegador Internet Explorer
SOF003 Office Microsoft Office
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
2/65
Descripcin del Activo de TI Fabricante URL Fabricante
Soporta aplicaciones o servicios corporativos Microsoft
Sistema operativo de usuario final Microsoft
Terminal Server Microsoft
Firewall de la red corporativa Cisco
Punto de Acceso inalambrico Cisco
Switch de Core Cisco
Asterisk es un programa de software libre (bajo licencia
GPL) que proporciona funcionalidades
de una central telefnica (PBX) para telefonia
VOIP. Asterisk
Telefono Grandstream que permite la
comunicacin por Voz sobre IP Grandstream
Navegador Web Internet Explorer Microsoft
Herramienta de Ofimtica Microsoft
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
3/65
Ubicacin Propietario Cantidad
Piso 1 Cordinador de Sistemas 2
Sala de Internet Cordinador de Sistemas 30
Piso 1 Cordinador de Sistemas 5
Piso 1 Cordinador de Sistemas 4
Piso 1 Cordinador de Sistemas 10
Piso 1 Cordinador de Sistemas 2
Piso 1 Cordinador de Sistemas 1
oficinas administrativas Cordinador de Sistemas 40
Sala de Internet Cordinador de Sistemas 30
Sala de Internet Cordinador de Sistemas 30
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
4/65
Servicio o Procesos del negocio Valor (Segn el Riesgo)
Gestin de Prstamos
Gestin de Prstamos
Internet y Wifi
Internet y Wifi
Internet y Wifi
Internet y Wifi
Gestin de Prstamos
Gestin de Prstamos
Gestin de Prstamos
Internet y Wifi
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
5/65
Nombre Activo de TI Fuente (URL) Aviso Fecha Aparicin Internet
Windows Server 2008http://www.cvedetails.com/cve/CVE-2012-
0157/3/13/2012
Windows Server 2008http://www.cvedetails.com/cve/CVE-2012-
0154/2/14/2012
Windows Server 2008http://www.cvedetails.com/cve/CVE-2012-
0148/2/14/2012
Windows Server 2008http://www.cvedetails.com/cve/CVE-2012-
0005/1/10/2012
Windows Server 2008http://www.cvedetails.com/cve/CVE-2010-
5082/1/17/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
6/65
Cisco ASA 5500http://www.cvedetails.com/cve/CVE-2012-
0358/3/12/2012
Cisco ASA 5500
http://www.cvedetails.com/cve/CVE-2012-
0356/ 3/14/2012
Cisco ASA 5500http://www.cvedetails.com/cve/CVE-2012-
0355/3/14/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
7/65
Cisco ASA 5500http://www.cvedetails.com/cve/CVE-2012-
0354/3/14/2012
Cisco ASA 5500http://www.cvedetails.com/cve/CVE-2012-
0354/3/14/2012
AP Cisco Aironet
http://cert.inteco.es/vulnDetail/Actualidad
/Actualidad_Vulnerabilidades/detalle_vuln
erabilidad/CVE-2009-2861
8/28/2009
AP Cisco Aironet
http://cert.inteco.es/vulnDetail/Actualidad
/Actualidad_Vulnerabilidades/detalle_vuln
erabilidad/CVE-2009-2976
8/27/2009
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
8/65
AP Cisco Aironet
http://cert.inteco.es/vulnDetail/Actualidad
/Actualidad_Vulnerabilidades/detalle_vuln
erabilidad/CVE-2006-0354
1/22/2006
AP Cisco Aironet
http://cert.inteco.es/vulnDetail/Actualidad
/Actualidad_Vulnerabilidades/detalle_vuln
erabilidad/CVE-2005-3482
11/12/2005
AP Cisco Aironet http://tools.cisco.com/security/center/cont 4/9/2002
Cisco Catalyst 3560
http://www.cvedetails.com/cve/CVE-2005-
4258/ 12/15/2005
Cisco Catalyst 3560https://supportforums.cisco.com/thread/210
72489/28/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
9/65
Cisco Catalyst 2960https://supportforums.cisco.com/thread/2
1072489/28/2011
Cisco Router 2921http://www.securityfocus.com/archive/1/5
178635/4/2011
Cisco Router 2921http://www.securityfocus.com/archive/1/5
17865/30/0/threaded5/4/2011
Asterisk http://osvdb.org/show/osvdb/80125 3/15/2012
Asterisk http://osvdb.org/show/osvdb/80126 3/15/2012
Asterisk http://osvdb.org/show/osvdb/78482 1/15/2012
Asterisk http://osvdb.org/show/osvdb/77597 7/18/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
10/65
Asterisk http://osvdb.org/show/osvdb/77598 8/12/2011
Telefono VOIP http://osvdb.org/show/osvdb/40185 8/22/2007
Internet Explorer http://www.securityfocus.com/bid/45246 12/22/2010
Internet Explorer http://www.securityfocus.com/bid/40487 6/1/2010
Internet Explorer http://web.nvd.nist.gov/view/vuln/detail?v 3/9/2010
Internet Explorer http://web.nvd.nist.gov/view/vuln/detail?vulnI 4/13/2010
Internet Explorerhttp://www.cvedetails.com/cve/CVE-2010-
1118/3/25/2012
Microsoft Office
http://www.cvedetails.com/cve/CVE-2011-
3413/ 12/13/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
11/65
Microsoft Officehttp://www.cvedetails.com/cve/CVE-2011-
3403/12/13/2011
Microsoft Officehttp://www.cvedetails.com/cve/CVE-2011-
1990/9/15/2011
Microsoft Officehttp://www.cvedetails.com/cve/CVE-2011-
1989/9/15/2011
Microsoft Officehttp://www.cvedetails.com/cve/CVE-2011-
1988/
9/15/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
12/65
http://osvdb.org/show/osvdb/80125 Fecha Publicacin por el Fabricante
http://technet.microsoft.com/en-
us/security/bulletin/ms12-0183/13/2012
http://technet.microsoft.com/security/bulletin/MS12-
0082/14/2012
http://technet.microsoft.com/security/bulletin/MS12-
0092/14/2012
http://technet.microsoft.com/security/bulletin/MS12-
0031/10/2012
http://technet.microsoft.com/security/bulletin/MS12-
0121/17/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
13/65
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20120314-asaclient3/12/2012
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20120314-asa 3/14/2012
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20120314-asa3/14/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
14/65
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20120314-asa3/14/2012
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20120314-asa3/14/2012
http://tools.cisco.com/security/center/viewAlert.x?alertId=18919
2/27/2009
http://www.airmagnet.com/assets/AM_Technote_SkyJa
ck_082509.pdf2/27/2009
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
15/65
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20060112-wireless1/22/2006
http://tools.cisco.com/security/center/content/CiscoSe
curityAdvisory/cisco-sa-20051102-lwapp11/12/2005
http://tools.cisco.com/security/center/content/CiscoSec 4/9/2002
http://www.cisco.com/warp/public/cc/pd/si/casi/ca350
0xl/index.shtml 12/15/2005
https://supportforums.cisco.com/thread/2107248 9/28/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
16/65
https://supportforums.cisco.com/thread/2107248 9/28/2011
http://tools.cisco.com/security/center/content/CiscoSe
curityResponse/cisco-sr-20110505-ios5/4/2011
http://www.securityfocus.com/archive/1/517865/30/0/
threaded5/4/2011
http://downloads.asterisk.org/pub/security/AST-2012-
002.html3/14/2012
http://downloads.asterisk.org/pub/security/AST-2012-
003.html3/14/2012
http://downloads.asterisk.org/pub/security/AST-2012-
001.html1/15/2012
http://downloads.asterisk.org/pub/security/AST-2011-
013.html 7/18/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
17/65
http://downloads.asterisk.org/pub/security/AST-2011-
014.html8/12/2011
http://archives.neohapsis.com/archives/fulldisclosure/2
007-08/0401.html8/22/2007
http://www.microsoft.com/technet/security/Bulletin/M
12/22/2010
http://www.securityfocus.com/bid/40487 6/12/2010
http://www.microsoft.com/technet/security/Bulletin/M 3/16/2010
http://www.microsoft.com/technet/security/Bulletin/M
S10-022.mspx4/13/2010
http://vreugdenhilresearch.nl/Pwn2Own-2010-
Windows7-InternetExplorer8.pdf03/25/2010
http://technet.microsoft.com/security/bulletin/MS11-
094 12/13/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
18/65
http://technet.microsoft.com/security/bulletin/MS11-
09612/13/2011
http://technet.microsoft.com/en-
us/security/bulletin/MS11-0729/15/2011
http://technet.microsoft.com/en-
us/security/bulletin/MS11-0729/15/2011
http://technet.microsoft.com/en-
us/security/bulletin/MS11-072
9/15/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
19/65
Categora Identificador (CVE) de la Vulnerabilidad Nombre Vulnerabilidad
Importante CVE-2012-0157
Vulnerability in Windows
Kernel-Mode Drivers Could
Allow Elevation of Privilege
Importante CVE-2012-0154Keyboard Layout Use After
Free Vulnerability
Importante CVE-2012-0148AfdPoll Elevation of
Privilege Vulnerability
Importante CVE-2012-0005CSRSS Elevation of
Privilege Vulnerability
Importante CVE-2010-5082
Color Control Panel
Insecure Library Loading
Vulnerability
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
20/65
CriticoCVE-2012-0358
CSCtr00165
CISCO 20120314 Cisco
ASA 5500 Series Adaptive
Security Appliance
Clientless VPN ActiveX
Control Remote CodeExecution Vulnerability
Importante CVE-2012-0356
CISCO 20120314 Multiple
Vulnerabilities in Cisco ASA
5500 Series Adaptive
Security Appliances and
Cisco Catalyst 6500 Series
ASA Services Module
Importante CVE-2012-0355
CISCO 20120314 Multiple
Vulnerabilities in Cisco ASA
5500 Series Adaptive
Security Appliances and
Cisco Catalyst 6500 Series
ASA Services Module
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
21/65
Importante CVE-2012-0354
CISCO 20120314 MultipleVulnerabilities in Cisco ASA
5500 Series Adaptive
Security Appliances and
Cisco Catalyst 6500 Series
ASA Services Module
Importante CVE-2012-0353
CISCO 20120314 Multiple
Vulnerabilities in Cisco ASA
5500 Series Adaptive
Security Appliances and
Cisco Catalyst 6500 Series
ASA Services Module
Importante CVE-2009-2861CSCtb56664.
Vulnerabilidad en Cisco
Aironet Lightweight AccessPoint
Importante CVE-2009-2976
Vulnerabilidad en los
dispositivos Cisco Aironet
Lightweight Access Point
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
22/65
ImportanteCVE-2006-0354
CSCsc16644
Access Point Memory
Exhaustion from ARP
Attacks
Importante CVE-2005-3482
Cisco Airespace Wireless
LAN Controllers Allow
Unencrypted Network
Access
Importante cisco-sa-20020409 Aironet Telnet Vulnerability
Importante CVE-2005-4258
Multiple Unspecified Cisco
Catalyst Switches LanD
Packet Denial Of ServiceVulnerability
Importante 2363 - CVE-MAP-NOMATCHSSH vulnerability in Cisco
Catalyst
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
23/65
Importante 2363 - CVE-MAP-NOMATCHSSH vulnerability in Cisco
Catalyst
Importante N/ACisco IOS Software Denial
of Service Vulnerabilities
Importante N/A
Cisco IOS SNMP Message
Processing Denial Of
Service Vulnerability
Importante osvdb: 80125Asterisk Request Response
Port SIP Peer Enumeration
Importante osvdb: 80126
Asterisk main/utils.c
ast_parse_digest() Function
HTTP Digest Authentication
String Parsing Remote
Overflow
Importante CVE-2012-0885
Asterisk main/utils.c
ast_parse_digest() Function
HTTP Digest Authentication
String Parsing Remote
Overflow
Importante osvdb: 77597
Asterisk Request Response
Port SIP Peer Enumeration
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
24/65
Importante osvdb: 77598
Asterisk
channels/chan_sip.c
handle_request_info()
Function SIP Packet
Parsing Remote DoS
Importante isvdb: 40185
Grandstream SIP Phone
GXV-3000 Crafted SIP
INVITE Message Privilege
Escalation
Critica CVE-2010-3971 Ejecucin de cdigo remoto
Critica Vulnerabilidad de denegaci
Importante CVE-2010-0806 Ejecucin de cdigo arbitrari
Importante CVE-2010-0483 Ejecucin de cdigo arbitrari
Importante CVE-2010-1118 Ejecucin de cdigo arbitrari
Importante CVE-2011-3413
OfficeArt Shape RCE
Vulnerability
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
25/65
Importante CVE-2011-3413Record Memory Corruption
Vulnerability
Importante CVE-2011-1990Excel Out of Bounds Array
Indexing Vulnerability
Importante CVE-2011-1989Excel ConditionalExpression Parsing
Vulnerability
Importante CVE-2011-1988Excel Heap Corruption
Vulnerability
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
26/65
Descripcin de la Vulnerabilidad Versiones Afectadas Impacto
win32k.sys in the kernel-mode drivers in Microsoft
Windows XP SP2 and SP3, Windows Server 2003
SP2, Windows Vista SP2, Windows Server 2008 SP2,
R2, and R2 SP1, and Windows 7 Gold and SP1 does
not properly handle window messaging, which allowslocal users to gain privileges via a crafted application
that calls the PostMessage function, aka
"PostMessage Function Vulnerability."
XP SP3, 2003 SP2, Vista
SP2, 2008 SP2, 7 SP1,
2008 R2 SP1
Medio
Use-after-free vulnerability in win32k.sys in the kernel-
mode drivers in Microsoft Windows XP SP2 and SP3,
Windows Server 2003 SP2, Windows Vista SP2,
Windows Server 2008 SP2, R2, and R2 SP1, and
Windows 7 Gold and SP1 allows local users to gain
privileges via a crafted application that triggers
keyboard layout errors, aka "Keyboard Layout Use
After Free Vulnerability.
Microsoft Windows XP
SP2 and SP3, Windows
Server 2003 SP2,
Windows Vista SP2,
Windows Server 2008
SP2, R2, and R2 SP1,
and Windows 7 Gold and
SP1
Medio
afd.sys in the Ancillary Function Driver in Microsoft
Windows XP SP2, Windows Server 2003 SP2,
Windows Vista SP2, Windows Server 2008 SP2, R2,
and R2 SP1, and Windows 7 Gold and SP1 on 64-bit
platforms does not properly validate user-mode input
passed to kernel mode, which allows local users to
gain privileges via a crafted application, aka "AfdPoll
Elevation of Privilege Vulnerability."
Microsoft Windows XPSP2, Windows Server
2003 SP2, Windows Vista
SP2, Windows Server
2008 SP2, R2, and R2
SP1, and Windows 7 Gold
and SP1 on 64-bit
Bajo
The Client/Server Run-time Subsystem (aka CSRSS)
in the Win32 subsystem in Microsoft Windows XP SP2
and SP3, Server 2003 SP2, Vista SP2, and Server
2008 SP2, when a Chinese, Japanese, or Korean
system locale is used, can access uninitialized memory
during the processing of Unicode characters, which
allows local users to gain privileges via a craftedapplication, aka "CSRSS Elevation of Privilege
Vulnerability."
Windows XP SP2 and
SP3, Server 2003 SP2,
Vista SP2, and Server
2008 SP2
Untrusted search path vulnerability in colorcpl.exe
6.0.6000.16386 in the Color Control Panel in Microsoft
Windows Server 2008 SP2, R2, and R2 SP1 allows
local users to gain privileges via a Trojan horse sti.dll
file in the current working directory, as demonstrated by
a directory that contains a .camp, .cdmp, .gmmp, .icc,
or .icm file, aka "Color Control Panel Insecure Library
Loading Vulnerability."
Microsoft Windows Server
2008 SP2, R2, and R2
SP1
Bajo
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
27/65
Buffer overflow in the Cisco Port Forwarder ActiveX
control in cscopf.ocx, as distributed through the
Clientless VPN feature on Cisco Adaptive Security
Appliances (ASA) 5500 series devices with software
7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26),
8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before
8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1),
allows remote attackers to execute arbitrary code via
unspecified vectors, aka Bug ID CSCtr00165.
Cisco Adaptive Security
Appliances (ASA) 5500
series devices with
software 7.0 through 7.2
before 7.2(5.6), 8.0 before
8.0(5.26), 8.1 before
8.1(2.53), 8.2 before
8.2(5.18), 8.3 before
8.3(2.28), 8.2 before
8.4(2.16), and 8.6 before
8.6(1.1),
Alto
Cisco ASA 5500 Series Adaptive Security Appliances
(ASA) and Cisco Catalyst 6500 Series ASA Services
Module (ASASM) are affected by the following
vulnerabilities:
Cisco ASA UDP Inspection Engine Denial of Service
Vulnerability
Cisco ASA Threat Detection Denial of Service
VulnerabilityCisco ASA Syslog Message 305006 Denial of Service
Vulnerability
Protocol Independent Multicast Denial of Service
Vulnerability
These vulnerabilities are independent of each other; a
release that is affected by one of the vulnerabilities
may not be affected by the others.
(ASA) 5500 series
devices, and the ASA
Services Module
(ASASM) in Cisco
Catalyst 6500 series
devices, with software 7.0
through 7.2 before
7.2(5.7), 8.0 before
8.0(5.27), 8.1 before
8.1(2.53), 8.2 before8.2(5.8), 8.3 before
8.3(2.25), 8.4 before
8.4(2.5), and 8.5 before
8.5(1.2) and the Firewall
Services Module (FWSM)
3.1 and 3.2 before 3.2(23)
and 4.0 and 4.1 before
4.1(8) in Cisco Catalyst
6500
Medio
Cisco ASA 5500 Series Adaptive Security Appliances
(ASA) and Cisco Catalyst 6500 Series ASA Services
Module (ASASM) are affected by the followingvulnerabilities:
Cisco ASA UDP Inspection Engine Denial of Service
Vulnerability
Cisco ASA Threat Detection Denial of Service
Vulnerability
Cisco ASA Syslog Message 305006 Denial of Service
Vulnerability
Protocol Independent Multicast Denial of Service
Vulnerability
These vulnerabilities are independent of each other; a
release that is affected by one of the vulnerabilities
may not be affected by the others.
(ASA) 5500 series
devices, and the ASA
Services Module
(ASASM) in Cisco
Catalyst 6500 seriesdevices, with software 7.0
through 7.2 before
7.2(5.7), 8.0 before
8.0(5.27), 8.1 before
8.1(2.53), 8.2 before
8.2(5.8), 8.3 before
8.3(2.25), 8.4 before
8.4(2.5), and 8.5 before
8.5(1.2) and the Firewall
Services Module (FWSM)
3.1 and 3.2 before 3.2(23)
and 4.0 and 4.1 before
4.1(8) in Cisco Catalyst6500
Medio
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
28/65
The Threat Detection feature on Cisco Adaptive
Security Appliances (ASA) 5500 series devices, and
the ASA Services Module (ASASM) in Cisco Catalyst
6500 series devices, with software 8.0 through 8.2
before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before
8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1)
allows remote attackers to cause a denial of service
(device reload) via (1) IPv4 or (2) IPv6 packets that
trigger a shun event, aka Bug ID CSCtw35765.
(ASA) 5500 series
devices, and the ASA
Services Module
(ASASM) in Cisco
Catalyst 6500 series
devices, with software 7.0
through 7.2 before
7.2(5.7), 8.0 before
8.0(5.27), 8.1 before
8.1(2.53), 8.2 before
8.2(5.8), 8.3 before
8.3(2.25), 8.4 before
8.4(2.5), and 8.5 before
8.5(1.2) and the Firewall
Services Module (FWSM)
3.1 and 3.2 before 3.2(23)
and 4.0 and 4.1 before
4.1(8) in Cisco Catalyst
6500
Medio
The UDP inspection engine on Cisco Adaptive Security
Appliances (ASA) 5500 series devices, and the ASAServices Module (ASASM) in Cisco Catalyst 6500
series devices, with software 8.0 before 8.0(5.25), 8.1
before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before
8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2)
does not properly handle flows, which allows remote
attackers to cause a denial of service (device reload)
via a crafted series of (1) IPv4 or (2) IPv6 UDP
packets, aka Bug ID CSCtq10441.
(ASA) 5500 series
devices, and the ASAServices Module
(ASASM) in Cisco
Catalyst 6500 series
devices, with software 8.0
before 8.0(5.25), 8.1
before 8.1(2.50), 8.2
before 8.2(5.5), 8.3 before
8.3(2.22), 8.4 before
8.4(2.1),
Medio
La funcionalidad Over-the-Air Provisioning (OTAP) en
dispositivos Cisco Aironet Lightweight Access Point
1100 y 1200 no implementan apropiadamente la
asociacin al punto de acceso, lo que permite a los
atacantes remoto suplantar un controlador y causaruna denegacin de servicio (parada de servicio) a
travs de una gestin de paquetes de radio remota
(RRM) manipulados, tambin conocidos como
"SkyJack" o Bug ID CSCtb56664.
Cisco Aironet LightweightAccess Point 1100 y 1200
Medio
Los dispositivos Cisco Aironet Lightweight Access
Point (AP) envan el contenido de ciertos paquetes de
multidifusin en texto plano, lo que permite a atacantes
remotos descubrir las direcciones IP y MAC del
Wireless LAN Controller as como los detalles de
configuracin del Punto de Acceso (AP) espiando la
red wireless.
Cisco Aironet Lightweight
Access Point 1100 y 1200Medio
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
29/65
Cisco IOS before 12.3-7-JA2 on Aironet Wireless
Access Points (WAP) allows remote authenticated
users to cause a denial of service (termination of
packet passing or termination of client connections) by
sending the management interface a large number of
spoofed ARP packets, which creates a large ARP table
that exhausts memory, aka Bug ID CSCsc16644
Cisco Aironet 1400 Series
Wireless Bridges
Cisco Aironet 1300 Series
Access Points
Cisco Aironet 1240AG
Series Access Points
Cisco Aironet 1230AG
Series Access Points
Cisco Aironet 1200 Series
Access Points
Cisco Aironet 1130AG
Series Access Points
Cisco Aironet 1100 Series
Access Points
Cisco Aironet 350 Series
Access Points running
IOS
Bajo
Cisco 1200, 1131, and 1240 series Access Points,
when operating in Lightweight Access Point Protocol
(LWAPP) mode and controlled by 2000 and 4400
series Airespace WLAN controllers running 3.1.59.24,
allow remote attackers to send unencrypted traffic to a
secure network using frames with the MAC address of
an authenticated end host.
Cisco 1200, 1131, and
1240 series access points
controlled by Cisco 2000
and 4400 series
Airespace Wireless LAN
(WLAN) Controllers that
are running software
version 3.1.59.24 are
affected by thisvulnerability.
Bajo
It is possible to cause a denial-of-service attack if
Cisco Aironet products have Telnet access enabled.
Telnet access is the only requirement for such an
attack; there are no additional conditions.
All releases up to, but
excluding, 11.21 are
vulnerable.
Unspecified Cisco Catalyst Switches allow remote
attackers to cause a denial of service (device crash)
via an IP packet with the same source and destination
IPs and ports, and with the SYN flag set (aka LanD).NOTE: the provenance of this issue is unknown; the
details are obtained solely from the BID.
Cisco Catalyst,
FreeIPS FreeIPS 1.0 Bajo
Recently we have been warn by our security team for a
SSH vulnerability been detected on our Cisco devices
(Cisco catalyst 2960, 3560) using McAfee Foundstone
Cisco catalyst 3560 Bajo
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
30/65
Recently we have been warn by our security team for a
SSH vulnerability been detected on our Cisco devices
(Cisco catalyst 2960, 3560) using McAfee Foundstone
Cisco catalyst 2960 Bajo
A potential denial of service condition may exist in
Cisco's IOS firmware.
The problem reportedly occurs when a large number of
UDP packets are sent to device running IOS. This
causes the system to use all available CPU resources
and thus become unresponsive. The device may have
to be reset manually if the attack is successful
Cisco Router 2921 Medio
It has been reported that the Cisco Internet Operating
System (IOS) is affected by a remote SNMP message
processing denial of service vulnerability. This issue
may be leveraged to cause a denial of service
condition in the affected device. The denial of service
is due to the process consumed all available CPU
resources in the affected device.The device may have
to be reset manually if the attack is successful.
Cisco router 2921/K9 IOS
15.0M6Medio
The SIP over UDP implementation in Asterisk Open
Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and
1.8.x before 1.8.7.2 uses different port numbers for
responses to invalid requests depending on whether a
SIP username exists, which allows remote attackers to
enumerate usernames via a series of requests
1.4.x before 1.4.43, 1.6.x
before 1.6.2.21, and 1.8.x
before 1.8.7.2
Medio
The SIP over UDP implementation in Asterisk Open
Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and
1.8.x before 1.8.7.2 uses different port numbers for
responses to invalid requests depending on whether a
SIP username exists, which allows remote attackers toenumerate usernames via a series of requests
1.4.x before 1.4.43, 1.6.x
before 1.6.2.21, and 1.8.x
before 1.8.7.2
Medio
chan_sip.c in Asterisk Open Source 1.8.x before
1.8.8.2 and 10.x before 10.0.1, when the res_srtp
module is used and media support is improperly
configured, allows remote attackers to cause a denial
of service (NULL pointer dereference and daemon
crash) via a crafted SDP message with a crypto
attribute and a (1) video or (2) text media type, as
demonstrated by CSipSimple.
1.4.x before 1.4.43, 1.6.x
before 1.6.2.21, and 1.8.x
before 1.8.7.2
Medio
The SIP over UDP implementation in Asterisk Open
Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and
1.8.x before 1.8.7.2 uses different port numbers for
responses to invalid requests depending on whether aSIP username exists, which allows remote attackers to
enumerate usernames via a series of requests.
All Alto
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
31/65
channels/chan_sip.c in Asterisk Open Source 1.6.2.x
before 1.6.2.21 and 1.8.x before 1.8.7.2, when
automon is enabled, allows remote attackers to cause
a denial of service (NULL pointer dereference and
daemon crash) via a crafted sequence of SIP requests.
All Alto
The Grandstream SIP Phone GXV-3000 with firmware1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows
remote attackers to force silent call completion,
eavesdrop on the phone's local environment, and
cause a denial of service (blocked call reception) via a
certain SIP INVITE message followed by a certain
"SIP/2.0 183 Session Progress" message.
GXV3000
El error se produce en la librera "mshtml.dll". Puede
permitir que, al visitar una pgina web maliciosa, se
ejecute cdigo en el ordenador comprometido, para,entre otras cosas, controlarla remotamente.
IE 6, 7 y 8 Alto
Microsoft Internet Explorer CSS 'expression'
Vulnerabilidad de denegacin de Servicio remota
Los atacantes pueden aprovechar este problema de
atraer a un usuario desprevenido para ver una pgina
web especialmente diseado.
Versiones vulnerables de Internet Explorer 6, 7, y 8
IE 6, 7 y 8
Vulnerabilidad en Internet Explorer que podra permitir l IE 6 y 7
Vulnerabilidad en Internet Explorer que podra permitir l IE 6, 7 y 8
Unspecified vulnerability in Internet Explorer 8 on
Microsoft Windows 7 allows remote attackers to
execute arbitrary code via unknown vectors, possibly
related to a use-after-free issue, as demonstrated by
Peter Vreugdenhil during a Pwn2Own competition at
CanSecWest 2010.
IE 6, 7 y 8
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac;
Office Compatibility Pack for Word, Excel, and
PowerPoint 2007 File Formats SP2; and PowerPoint
Viewer 2007 SP2 allow remote attackers to execute
arbitrary code or cause a denial of service (memorycorruption) via an invalid OfficeArt record in a
PowerPoint document, aka "OfficeArt Shape RCE
Vulnerability."
2007 y 2008 (mac)
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
32/65
Microsoft Excel 2003 SP3 and Office 2004 for Mac do
not properly handle objects in memory, which allows
remote attackers to execute arbitrary code via a crafted
Excel spreadsheet, aka "Record Memory Corruption
Vulnerability."
2003 y 2004 (mac)
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2;
Excel Viewer SP2; Office Compatibility Pack for Word,Excel, and PowerPoint 2007 File Formats SP2; and
Excel Services on Office SharePoint Server 2007 SP2
do not properly validate the sign of an unspecified
array index, which allows remote attackers to execute
arbitrary code via a crafted spreadsheet, aka "Excel
Out of Bounds Array Indexing Vulnerability."
Excel 2007 SP2; Excel in
Office 2007 SP2; Excel
Viewer SP2; O
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in
Office 2007 SP2; Excel 2010 Gold and SP1; Excel in
Office 2010 Gold and SP1; Office 2004, 2008, and
2011 for Mac; Open XML File Format Converter for
Mac; Excel Viewer SP2; Office Compatibility Pack for
Word, Excel, and PowerPoint 2007 File Formats SP2;
Excel Services on Office SharePoint Server 2007 SP2;
Excel Services on Office SharePoint Server 2010 Gold
and SP1; and Excel Web App 2010 Gold and SP1 do
not properly parse conditional expressions associated
with formatting requirements, which allows remote
attackers to execute arbitrary code via a crafted
spreadsheet, aka "Excel Conditional Expression
Parsing Vulnerability."
Excel 2007 SP2; Excel inOffice 2007 SP2; Excel
Viewer SP2; O
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in
Office 2007 SP2; Office 2004 and 2008 for Mac; Open
XML File Format Converter for Mac; Excel Viewer SP2;
and Office Compatibility Pack for Word, Excel, and
PowerPoint 2007 File Formats SP2 do not properly
parse records in Excel spreadsheets, which allowsremote attackers to execute arbitrary code via a crafted
spreadsheet, aka "Excel Heap Corruption
Vulnerability."
Excel 2007 SP2; Excel in
Office 2007 SP2; Excel
Viewer SP2; O
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
33/65
Solucin Temporal (Workaround) Fecha en Internet Solucin Temporal
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
34/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
35/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
36/65
The workaround for this vulnerability is to
disable Telnet access.
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
37/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
38/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
39/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
40/65
Fecha Implementacin Solucin Temporal Solucin definitiva
Aplicar los parches del boletin de seguridad
http://technet.microsoft.com/en-
us/security/bulletin/ms12-018
Aplicar los parches del boletin de seguridad
http://technet.microsoft.com/en-
us/security/bulletin/ms12-008
Aplicar los parches del boletin de seguridad
http://technet.microsoft.com/en-
us/security/bulletin/ms12-009
Aplicar los parches del boletin de seguridad
http://technet.microsoft.com/en-
us/security/bulletin/ms12-005
Aplicar los parches del boletin de seguridad
http://technet.microsoft.com/en-
us/security/bulletin/ms12-012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
41/65
Actualizar de versin segn el iOS
http://tools.cisco.com/security/center/content/
CiscoSecurityAdvisory/cisco-sa-20120314-
asaclient
Cisco has released free software updates that
address these vulnerabilities. Workarounds
are available to mitigate some of the
vulnerabilities. This advisory is available at the
following link:
http://tools.cisco.com/security/center/content/
CiscoSecurityAdvisory/cisco-sa-20120314-asa
Cisco has released free software updates that
address these vulnerabilities. Workarounds
are available to mitigate some of the
vulnerabilities. This advisory is available at the
following link:
http://tools.cisco.com/security/center/content/
CiscoSecurityAdvisory/cisco-sa-20120314-asa
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
42/65
Cisco has released free software updates that
address these vulnerabilities. Workaroundsare available to mitigate some of the
vulnerabilities. This advisory is available at the
following link:
http://tools.cisco.com/security/center/content/
CiscoSecurityAdvisory/cisco-sa-20120314-asa
Cisco has released free software updates thataddress these vulnerabilities. Workarounds
are available to mitigate some of the
vulnerabilities. This advisory is available at the
following link:
http://tools.cisco.com/security/center/content/
CiscoSecurityAdvisory/cisco-sa-20120314-asa
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
43/65
Cisco has made free software available to
address this vulnerability for affected
customers. Prior to deploying software,
customers should consult their maintenance
provider or check the software for feature set
compatibility and known issues specific to
their environment.
Customers may only install and expect
support for the feature sets they have
purchased. By installing, downloading,
accessing or otherwise using such software
upgrades, customers agree to be bound by
the terms of Cisco's software license terms
found at
http://www.cisco.com/en/US/docs/general/warr
anty/English/EU1KEN_.html, or as otherwise
set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-
usingswc.shtml.
Cisco has made free software available to
address this vulnerability for affected
customers. Prior to deploying software,
customers should consult their maintenance
provider or check the software for feature set
compatibility and known issues specific to
their environment.
Customers may only install and expect
support for the feature sets they have
purchased. By installing, downloading,
accessing or otherwise using such software
upgrades, customers agree to be bound by
the terms of Cisco's software license termsfound at http://www.cisco.com/public/sw-
license-agreement.html, or as otherwise set
forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-
usingswc.shtml.
This vulnerability is fixed in release 11.21,
which is available now.
Currently we are not aware of any vendor-
supplied patches for this issue. If you feel we
are in error or are aware of more recent
information, please mail us at:[email protected]
.
Our ssh version is 2.0 and we did change the
RSA key to 2048 but then the result still the
same.
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
44/65
Our ssh version is 2.0 and we did change the
RSA key to 2048 but then the result still the
same.
Currently there are not any vendor-supplied
patches for this issue.
Currently there are not any vendor-supplied
patches for this issue.
Upgrade to version 1.4.44, 1.6.2.23, 1.8.10.1
or 10.2.1 or higher, as they have been
reported to fix this vulnerability. An upgrade is
required as there are no known workarounds.
Upgrade to version 1.4.44, 1.6.2.23, 1.8.10.1
or 10.2.1 or higher, as they have been
reported to fix this vulnerability. An upgrade is
required as there are no known workarounds.
Upgrade to version 10.0.1 or higher or 1.8.8.2
or higher, as it has been reported to fix this
vulnerability
Upgrade to version 10.0.1 or higher or 1.8.8.2
or higher, as it has been reported to fix thisvulnerability
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
45/65
Upgrade to version 1.6.2.21 or higher or
1.8.7.2 or higher, as it has been reported to fix
this vulnerability
Actualizar el Firmware
http://www.grandstream.com/support/firmware
La solucin propuesta por Microsoft: utilizar
Enhanced Mitigation Experience Toolkit
(EMET) de Microsoft.
Esta herramienta permite que todas las DLL
cargadas por un programa sean obligadas a
usar ASLR. Esto quiere decir que serncolocadas en lugares aleatorios de la
memoria.
La solucin es para cada uno de los equipos y
no se controla desde el dominio
Aplicar en los servidores y en los PCs la actua
Aplicar en los servidores y en los PCs la actua
Actualizar http://www.microsoft.com/en-us/defa
Actualizar http://www.microsoft.com/en-us/defa
Aplicar los parches del boletin MS MS11-094
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
46/65
Aplicar los parches del boletin MS MS11-096
Aplicar los parches del boletin MS MS11-072
Aplicar los parches del boletin MS MS11-072
Aplicar los parches del boletin MS MS11-072
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
47/65
Fecha Solucin Definitiva por el Fabricante Fecha Implementacin Solucin Definitiva
3/13/2012
2/14/2012
2/14/2012
1/10/2012
1/17/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
48/65
3/12/2012
3/14/2012
3/14/2012
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
49/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
50/65
1/12/2006
11/12/2005
4/9/2002
12/15/2005
9/28/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
51/65
9/28/2011
3/15/2012
3/15/2012
1/15/2012
7/18/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
52/65
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
53/65
12/13/2011
9/15/2011
9/15/2011
9/15/2011
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
54/65
Nro de OC Observacin
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
55/65
Servicios o Procesos Crticos del negocio Descripcin
Gestin de Catalogo en Linea
Gestin de Afiliacin
Gestin de Prstamos Proceso para la Afiliacin, prstamo, reserva y renovaci
Gestin de Reservas de materiales
Gestin de Renovacin del prstamo
Internet y WIFI Ofrecer a los diferentes pblicos (nios, jvenes, adultos)
Visitas guiadas
Referencia y orientacin a los usuarios
Cursos y capacitaciones
Talleres (escritores, msica, artes)
Salas de exposicin y auditorio
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
56/65
Confidencialidad Disponibildiad Integridad Trazabilidad Total Alto=10 Medio=5
Bajo Alto Media Bajo 16
Bajo Media Media Bajo 11
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
57/65
Bajo=1
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
58/65
Nombre Activo de TI
AP Cisco Aironet Asterisk Cisco ASA
5 5 5
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
59/65
Cisco Catalyst 29 Cisco Catalyst 3560 Cisco Router 2921 Internet Explorer Telefono VOIP
1 2 2 4 1
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
60/65
Windows Server (vaco) Microsoft Total Resultado
5 5 35
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
61/65
ACTIVOS VULNERABILIDAD AMENAZA
NATURAL HUMANO
Asterisk
ubuntu server
cisco2960
joomla
Windows 2003 server
ESCALA RIESGO
CUALITATIVO
MUY ALTO 50
ALTO
MEDIO
BAJO
FUENTE
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
62/65
PROBABILIDA IMPACTO RIESGO
DISPONIBILIDAD CONFIDENCIALIDA INTEGRIDAD TRAZABILIDAD
DIMENSIONES
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
63/65
Nombre del Activo
Valor
Activo
(dolares)
Vulnerabilidad Amenaza
Robo fisico
Descarga electrica
Intruso Interno
Intruso Externo
Escalar privilegios
robo de
informacion
Intruso Externo
modificacion de
configuracion
atacante interno
mal manejo de
contraseas
falta capacitacionperdidas de
informacion
Caida de la linea
Desconfiguracin
intencional
Consumo de red
llamadas no
permitidas
PoC
Cambiar los QoS
atacaque de fuerza
brutaclaves por defecto
cambio de
configuracin
romper WEP
AP Roguet
suplantacin MAC
malware
exposicion
informacion
corporativa en
internet
phishing
Man-in-the-browser
Saltar proxy
Exploits
AP Cisco Aironet 700
Configuraciones por defecto
Cifrado inseguro de la red inalambirca
Navegador internet
explorer20
Navegacin en sitios no autorizados
Vulnerabilidades en el navegador
Cisco Catalyst 3560 2000
Vulnerabilidad SSH
malas configuraciones
Asterisk 500Fallas tcnicas
Fallas de software
Windows Server
20031000
Inadecuado Control de Seguridad Fisica
Sistema operativo desactualizado
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
64/65
Rango de
ocurrencia
al ao
ValorProbabilidad
AmenazaImpacto %
Riesgo x Amenaza
(dolares)
Riesgo anual x
vulnerabilidad
(cuantivativo)
2 veces 2/365 0.005479452 70.00% 3.835616438
2veces 3/365 0.008219178 30.00% 2.465753425
2 veces 2/365 0.005479452 15.00% 0.821917808
4 veces 4/365 0.010958904 60.00% 6.575342466
10 veces 10/365 0.02739726 20.00% 5.479452055 14.24657534
7 veces1/365
0.00273972680.00%
2.191780822
2veces 2/365 0.005479452 60.00% 6.575342466 27.94520548
4 veces 4/365 0.010958904 60.00% 13.15068493
6 veces 3/365 0.008219178 50.00% 8.219178082
4 veces 4/365 0.01095890445.00%
9.863013699 37.26027397
2 veces 2/365 0.005479452 25.00% 2.739726027
6 veces 6/365 0.01643835675.00%
24.65753425
3 veces 3/365 0.008219178 0.4 1.643835616 9.589041096
4 veces 4/365 0.010958904 0.3 5.479452055
3 veces 3/365 0.008219178 0.6 2.465753425
9 veces 9/365 0.024657534 0.2 2.465753425 7.671232877
4 veces 4/365 0.010958904 0.5 2.739726027
3 veces 3/365 0.008219178 0.6 2.465753425
2 veces 2/360 0.005555556 0.5 1.944444444 17.888888898 veces 8/360 0.022222222 0.9 14
5 veces 5/360 0.013888889 0.2 1.944444444
2 veces 2/360 0.005555556 0.3 1.166666667 4.472222222
2 veces 2/360 0.005555556 0.7 2.722222222
3 veces 3/360 0.008333333 0.1 0.583333333
8 veces 8/360 0.022222222 0.4 0.177777778 0.377777778
9 veces 9/360 0.025 0.2 0.1
3 veces 3/360 0.008333333 0.6 0.1
2 veces 2/360 0.005555556 0.2 0.022222222 0.366666667
6 veces 6/360 0.016666667 0.5 0.166666667
8 veces 8/360 0.022222222 0.4 0.177777778
7.123287671
7/31/2019 GestinVulnerabilidades-Activos TI - BPP actividad 14
65/65