Intro

I never used the Fulldisk Encryption Feature as there was no need for. It doesn’t make sense for Hosted VM’s, as you have to enter the Passphrase at every boot at the Console. So, it’s a pain and still possible to intercept on the Hosters Infrastructure. Disk Encryption does not make sense at home, as all my Devices remains at home (and hopefully never got stolen). It would make sense on a Notebook, but i’m more the Apple Fanboy when it comes to portable Machines. And there, we have FileVault which basically does the same. However, i’d like to give a try with a Test VM. There are plenty of instructions how to setup up, i just tried one and made some notes as usual.

Intro

I stumbled across an old Cisco box in the basement. I thought i might have some fun (or frust?) with the aging Device. The Hardware still works fine, right ? And what about the Software ? Let’s give a try !

Hardware

show version

Cisco 1841 (revision 7.0) with 352256K/40960K bytes of memory.
Processor board ID FCZ1234757Y
6 FastEthernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
125184K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Software

dir flash

Area41

Looking Forward to the next Security Congress in Zurich https://www.area41.io . It’s sold out since a while, happy i got a early ticket :)

… and all the Talks are online … https://www.youtube.com/watch?v=Hs5olUBX2cg&list=PLv-PXy2JVviu32C4U6F8KHKcyL4s-i_Fo

Any Comments ?

sha256: 07f41198ed084963405456466b567179077366052c560295e9868a0046f0a714

Stumbled upon something that I’ve missed for a long time: encrypting files with the ssh public key :)

Source

https://github.com/FiloSottile/age

Install Package

OpenBSD (and most others *nix systems) got a package for age. Just install it.

doas pkg_add age

Asymmetric Encryption

Asymmetric Encryption encrypts and decrypts the data using two separate yet mathematically connected cryptographic keys. These keys are known as a ‘Public Key’ and a ‘Private Key’. Together, they’re called a ‘Public and Private Key Pair’

it’s time for some education and i decided to do a CAS CyberSecurity @OST (prev. HSR Rapperswil).

I expect to learn a lot in Attacking, Defense, Reverse Engineering and so on. Think i have already a “good basic” in many of these Topics. So, i expect the have an intersting Time in the next few Month. You can expect some posts here, or may i do another blog ?

-> started a new blog for the CAS

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.06.04.E

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5	Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	7.7	CVE-2020-3235	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	6.8	CVE-2020-3209	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-sbxss	Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability	4.8	CVE-2019-12668	2019-09-25T16:00:00
cisco-sa-20160525-ipv6	Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability	5.8	CVE-2016-1409	2016-05-25T16:00:00
cisco-sa-20170629-snmp	SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software	8.8	CVE-2017-6736	2017-06-29T16:00:00
cisco-sa-20170317-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability	9.8	CVE-2017-3881	2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2019-1746	2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos	Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability	8.6	CVE-2019-1737	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert	Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability	5.9	CVE-2019-1757	2019-03-27T16:00:00
cisco-sa-20190327-evss	Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2019-1750	2019-03-27T16:00:00
cisco-sa-20190109-tcp	Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability	6.8	CVE-2018-0282	2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-cmp	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2018-0475	2018-09-26T16:00:00
cisco-sa-20180926-tacplus	Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability	6.8	CVE-2018-15369	2018-09-26T16:00:00
cisco-sa-20180926-vtp	Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability	4.3	CVE-2018-0197	2018-09-26T16:00:00
cisco-sa-20180926-errdisable	Cisco IOS XE Software Errdisable Denial of Service Vulnerability	7.4	CVE-2018-0480	2018-09-26T16:00:00
cisco-sa-20180328-bfd	Cisco IOS and IOS XE Software Bidirectional Forwarding Detection Denial of Service Vulnerability	8.6	CVE-2018-0155	2018-03-28T16:00:00
cisco-sa-20180328-smi	Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability	8.6	CVE-2018-0156	2018-03-28T16:00:00
cisco-sa-20180328-smi2	Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability	9.8	CVE-2018-0171	2018-03-28T16:00:00
cisco-sa-20180328-lldp	Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	8.8	CVE-2018-0167	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3	Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability	8.6	CVE-2018-0174	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1	Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability	8.6	CVE-2018-0172	2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2	Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability	8.6	CVE-2018-0173	2018-03-28T16:00:00
cisco-sa-20180328-ike-dos	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability	8.6	CVE-2018-0159	2018-03-28T16:00:00
cisco-sa-20180328-privesc1	Cisco IOS XE Software User EXEC Mode Root Shell Access Vulnerabilities	7.8	CVE-2018-0169	2018-03-28T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00
cisco-sa-20171103-bgp	Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial of Service Vulnerability	6.8	CVE-2017-12319	2017-11-03T16:00:00
cisco-sa-20170927-ike	Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability	8.6	CVE-2017-12237	2017-09-27T16:00:00
cisco-sa-20170927-pnp	Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability	8.7	CVE-2017-12228	2017-09-27T16:00:00
cisco-sa-20170727-ospf	Multiple Cisco Products OSPF LSA Manipulation Vulnerability	4.2	CVE-2017-6770	2017-07-27T16:00:00
cisco-sa-20170322-dhcpc	Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability	8.6	CVE-2017-3864	2017-03-22T16:00:00
cisco-sa-20170322-webui	Cisco IOS XE Software Web User Interface Denial of Service Vulnerability	8.6	CVE-2017-3856	2017-03-22T16:00:00
cisco-sa-20161115-iosxe	Cisco IOS XE Software Directory Traversal Vulnerability	1.5	CVE-2016-6450	2016-11-15T16:00:00
cisco-sa-20160916-ikev1	IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products	7.8	CVE-2016-6415	2016-09-16T16:00:00
cisco-sa-20160928-aaados	Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability	7.1	CVE-2016-6393	2016-09-28T16:00:00
cisco-sa-20160928-dns	Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability	8.3	CVE-2016-6380	2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1	Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability	7.1	CVE-2016-6381	2016-09-28T16:00:00
cisco-sa-20160928-msdp	Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities	7.8	CVE-2016-6382	2016-09-28T16:00:00
cisco-sa-20160928-smi	Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability	7.8	CVE-2016-6385	2016-09-28T16:00:00
cisco-sa-20160928-frag	Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability	7.8	CVE-2016-6386	2016-09-28T16:00:00

Any Comments ?

sha256: 6ab81f9b045a4de2e9b66ef802fe94d2210aa108290fb0c849696f5a7e99eac4

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.06.E

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-snmp-dos-USxSyTk5	Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	7.7	CVE-2020-3235	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq	Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	6.8	CVE-2020-3209	2020-06-03T16:00:00
cisco-sa-priv-esc1-OKMKFRhV	Cisco IOS XE Software Privilege Escalation Vulnerability	6.7	CVE-2020-3215	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-sbxss	Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability	4.8	CVE-2019-12668	2019-09-25T16:00:00
cisco-sa-20190925-vman	Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability	6.7	CVE-2019-12662	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos	Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability	7.4	CVE-2019-1746	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-call-home-cert	Cisco IOS and IOS XE Software Smart Call Home Certificate Validation Vulnerability	5.9	CVE-2019-1757	2019-03-27T16:00:00
cisco-sa-20190327-evss	Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2019-1750	2019-03-27T16:00:00
cisco-sa-20190109-tcp	Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability	6.8	CVE-2018-0282	2019-01-09T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak	Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability	6.8	CVE-2018-15377	2018-09-26T16:00:00

Any Comments ?

sha256: 197718c2b28d9ab55520a09e39a603e394e0401dea6a94a3752eeb18bec4f18a

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 17.01.01

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-ios-profinet-dos-65qYG3W5	Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2020-3512	2020-09-24T16:00:00
cisco-sa-profinet-J9QMCHPB	Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability	7.4	CVE-2020-3409	2020-09-24T16:00:00
cisco-sa-xbace-OnCEbyS	Cisco IOS XE Software Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3417	2020-09-24T16:00:00
cisco-sa-iosxe-isdn-q931-dos-67eUZBTf	Cisco IOS and IOS XE Software ISDN Q.931 Denial of Service Vulnerability	7.4	CVE-2020-3511	2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF	Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability	6.1	CVE-2020-3479	2020-09-24T16:00:00
cisco-sa-splitdns-SPWqpdGW	Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability	8.6	CVE-2020-3408	2020-09-24T16:00:00
cisco-sa-ios-lua-rce-7VeJX4f	Cisco IOS XE Software Arbitrary Code Execution Vulnerability	5.1	CVE-2020-3423	2020-09-24T16:00:00
cisco-sa-iosxe-cmdinj-2MzhjM6K	Cisco IOS XE Software Command Injection Vulnerability	6.7	CVE-2020-3403	2020-09-24T16:00:00
cisco-sa-COPS-VLD-MpbTvGEW	Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability	8.6	CVE-2020-3526	2020-09-24T16:00:00
cisco-sa-le-drTOB625	Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability	7.4	CVE-2020-3465	2020-09-24T16:00:00
cisco-sa-ISR4461-gKKUROhx	Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability	8.6	CVE-2020-3414	2020-09-24T16:00:00
cisco-sa-iosxe-rsp3-rce-jVHg8Z7c	Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities	6.7	CVE-2020-3416	2020-09-24T16:00:00
cisco-sa-iosxe-dhcp-dos-JSCKX43h	Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability	8.6	CVE-2020-3509	2020-09-24T16:00:00
cisco-sa-iosxe-iox-app-host-mcZcnsBt	Cisco IOS XE Software IOx Application Hosting Privilege Escalation Vulnerability	6.0	CVE-2020-3393	2020-09-24T16:00:00
cisco-sa-ipsla-jw2DJmSv	Cisco IOS XE Software IP Service Level Agreements Denial of Service Vulnerability	8.6	CVE-2020-3422	2020-09-24T16:00:00
cisco-sa-ios-webui-priv-esc-K8zvEWM	Cisco IOS XE Software Privilege Escalation Vulnerabilities	8.8	CVE-2020-3141	2020-09-24T16:00:00
cisco-sa-confacl-HbPtfSuO	Cisco IOS XE Software RESTCONF and NETCONF-YANG Access Control List Denial of Service Vulnerability	8.6	CVE-2020-3407	2020-09-24T16:00:00
cisco-sa-ios-xe-webui-multi-vfTkk7yr	Cisco IOS XE Software Web Management Framework Vulnerabilities	4.3	CVE-2020-3474	2020-09-24T16:00:00
cisco-sa-zbfw-94ckG4G	Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities	8.6	CVE-2020-3421	2020-09-24T16:00:00
cisco-sa-capwap-dos-TPdNTdyq	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities	7.4	CVE-2020-3486	2020-09-24T16:00:00
cisco-sa-capwap-dos-ShFzXf	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability	8.6	CVE-2020-3399	2020-09-24T16:00:00
cisco-sa-ewlc-icmpv6-qb9eYyCR	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability	4.7	CVE-2020-3418	2020-09-24T16:00:00
cisco-sa-iosxe-ewlc-snmp-dos-wNkedg9K	Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability	7.4	CVE-2020-3390	2020-09-24T16:00:00
cisco-sa-telnetd-EFJrEzPx	Telnet Vulnerability Affecting Cisco Products: June 2020	9.8	CVE-2020-10188	2020-06-24T16:00:00
cisco-sa-iosxe-ewlc-dos-TkuPVmZN	Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability	8.6	CVE-2020-3203	2020-06-03T16:00:00
cisco-sa-20170726-anicrl	Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability	6.5	CVE-2017-6664	2017-07-26T16:00:00
cisco-sa-20170726-aniacp	Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability	7.4	CVE-2017-6665	2017-07-26T16:00:00
cisco-sa-20170726-anidos	Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability	7.4	CVE-2017-6663	2017-07-26T16:00:00

Any Comments ?

sha256: 7ddd18e78e70dc6896588bffe741600078f06f5fe0bb7a55aa1fabb5979528b9

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.4(1)SY4

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-ios-bgp-evpn-dos-LNfYJxfF	Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability	6.1	CVE-2020-3479	2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF	Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability	6.5	CVE-2020-3201	2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-identd-dos	Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability	8.6	CVE-2019-12647	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-c6500	Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability	4.7	CVE-2019-1758	2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-pnp-memleak	Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability	6.8	CVE-2018-15377	2018-09-26T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00

Any Comments ?

sha256: c3e4b89e9a31fa5a69fa1ff4839762a32c00430cb927caaf267501554832ac61

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.2(1)SY5

Advisory-ID	Impact	CVSS	CVE	First Published
cisco-sa-info-disclosure-V4BmJBNF	Cisco IOS and IOS XE Software Information Disclosure Vulnerability	5.5	CVE-2020-3477	2020-09-24T16:00:00
cisco-sa-tcl-dos-MAZQUnMF	Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability	6.5	CVE-2020-3201	2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a	Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability	7.5	CVE-2020-3230	2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A	Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability	7.7	CVE-2020-3200	2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm	Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability	6.7	CVE-2020-3204	2020-06-03T16:00:00
cisco-sa-sxp-68TEVzR	Cisco IOS, IOS XE, and NX-OS Software Security Group Tag Exchange Protocol Denial of Service Vulnerability	6.8	CVE-2020-3228	2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC	Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability	8.8	CVE-2020-3217	2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf	Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability	8.8	CVE-2019-16009	2020-01-08T16:00:00
cisco-sa-20190925-tsec	Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability	6.8	CVE-2019-12669	2019-09-25T16:00:00
cisco-sa-20190925-http-client	Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability	4.8	CVE-2019-12665	2019-09-25T16:00:00
cisco-sa-20190925-identd-dos	Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability	8.6	CVE-2019-12647	2019-09-25T16:00:00
cisco-sa-20190327-ios-infoleak	Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability	4.3	CVE-2019-1761	2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos	Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability	8.6	CVE-2019-1737	2019-03-27T16:00:00
cisco-sa-20190327-pnp-cert	Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability	7.4	CVE-2019-1748	2019-03-27T16:00:00
cisco-sa-20190327-c6500	Cisco IOS Software Catalyst 6500 Series 802.1x Authentication Bypass Vulnerability	4.7	CVE-2019-1758	2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos	Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability	7.4	CVE-2018-15373	2018-09-26T16:00:00
cisco-sa-20180926-vtp	Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability	4.3	CVE-2018-0197	2018-09-26T16:00:00
cisco-sa-20180328-lldp	Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities	8.8	CVE-2018-0167	2018-03-28T16:00:00
cisco-sa-20170419-energywise	Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities	8.6	CVE-2017-3860	2017-04-19T16:00:00

Any Comments ?

sha256: bce3f1e18d4915a7635960f328d32af63e5d8aa804d1e1105dcea0da79e1b5e0

Security

OpenBSD - Full Disk Encryption

Intro

Cisco Router, SSH, PubKey, ...

Intro

Hardware

Software

Area 41

Area41

AGE - Encrypt Files with SSH Keys

Source

Install Package

Asymmetric Encryption

CAS@OST

Vuln IOS XE 03.06.04

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.06.04.E

Vuln IOS XE 03.08.06

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.06.E

Vuln IOS XE 17.01.01

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 17.01.01

Vuln IOS 15.4(1)SY4

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.4(1)SY4

Vuln IOS 15.2(1)SY5

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.2(1)SY5