Cisco has released multiple security advisories to address vulnerabilities in IOS Software and Unified Communications Manager. These vulnerabilities may allow an attacker to cause a denial-of-service
condition, buffer overflow, or access control list bypass.

US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.

• cisco-sa-20090923-acl : Cisco IOS Software Object-group Access Control List Bypass Vulnerability
• cisco-sa-20090923-auth-proxy : Cisco IOS Software Authentication Proxy Vulnerability
• cisco-sa-20090923-cm : Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability
• cisco-sa-20090923-cme : Cisco Unified Communications Manager Express Vulnerability
• cisco-sa-20090923-h323 : Cisco IOS Software H.323 Denial of Service Vulnerability
• cisco-sa-20090923-ios-fw : Cisco IOS Software Zone-Based Policy Firewall Vulnerability
• cisco-sa-20090923-ipsec : Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
• cisco-sa-20090923-ntp : Cisco IOS Software Network Time Protocol Packet Vulnerability
• cisco-sa-20090923-sip : Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
• cisco-sa-20090923-tls : Cisco IOS Software Crafted Encryption Packet Denial of Service Vulnerability
• cisco-sa-20090923-tunnels : Cisco IOS Software Tunnels Vulnerability
  

Read more at: US-CERT Current Activity