All RVS-4000's with firmware versions less than 1.3.2.0

Unanswered Question

Hi,

For those of you without the time to explore the Cisco site. I thought you guys might want to know about the following vulnerability. Which is fixed in the latest firmware version 1.3.2.0 for the RVS-4000:

Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability

Document ID: 111641

Advisory ID: cisco-sa-20100421-vsc

http://www.cisco.com/warp/public/707/cisco-sa-20100421-vsc.shtml

Revision 1.1

Last Updated 2010 MAY 19 2030 UTC (GMT)

For Public Release 2010 APR 21 1600 UTC (GMT)

Software Versions and Fixes

To determine the software version running on a camera, administrators can click the "About" tab at the top-right of the device user interface. The software version information can be obtained on the System Status page under the "Status" tab.

The latest camera software can be downloaded at http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=282414029 ( registered customers only) .

The software version of the RVS4000 is displayed on the main router page displayed after users log in.

The latest RVS4000 software can be downloaded at http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=282413304 ( registered customers only) .

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Small Business Support Center or your contracted maintenance provider for assistance.

Product

First Fixed Version

PVC2300

1.1.2.6

WVC200

1.2.2.0

WVC210

1.1.0.15

WVC2300

1.1.2.6

RVS4000

1.3.2.0

Bruce

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Steven DiStefano Tue, 06/01/2010 - 06:38

Yes, I posted this same information in the Video Surveillance section a few weeks ago.  it was actually a Partner on the

community who found this and brought it to our attention and we fixed it.

Thanks for cross posting here, since you are right in it also effected this router.

And a big thank you for taking the time to collaborate some very useful information with the community.  I have noticed your recent posts and I think they are well writen, helpful, and well organized.   I also like your idea of turning some threads into solutions documents and resource labs perhaps.

If you would ever like to post something of that natire, you may also.  Just creat a document with your findings.

Steve

Actions

This Discussion