Multiple Vulnerabilities in Cisco Firewall Services Module (FWSM)

Two vulnerabilities in the Cisco Firewall Services Module (FWSM) can result in a Denial of Service (DoS) condition on the vulnerable system.

Ken Pfeil

December 15, 2003

Reported December 15, 2003 by Cisco.

VERSIONS AFFECTED

  • Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers

DESCRIPTION

Two vulnerabilities in the Cisco Firewall Services Module (FWSM) can result in a Denial of Service (DoS) condition on the vulnerable system. These two vulnerabilities are as follows:

  • The FWSM might crash and reload because of a buffer-overflow vulnerability while processing HTTP traffic requests for authentication using TACACS+ or RADIUS. This request is initiated when a user starts a connection through FTP, Telnet, or the Internet (HTTP) and is prompted for his or her username and password. If the designated TACACS+ or RADIUS authentication server verifies the username and password, the FWSM will permit further traffic between the authentication server and the connection to interact independently through the FWSM's "cut-through proxy" feature.

  • The Cisco FWSM crashes and reloads while processing a received SNMPv3 message when snmp-server host is configured on the FWSM. This problem occurs even though the FWSM doesn't support SNMPv3.
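
To spot the traffic described in the second item, the version an SNMP datagram declares can be read from the first INTEGER inside its outer BER SEQUENCE (0 = SNMPv1, 1 = SNMPv2c, 3 = SNMPv3). The Python below is an added example, not part of the original article or of Cisco's bulletin; the function names and the sample datagrams (documentation addresses, header-only payloads) are constructed for illustration.

```python
SNMP_VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the BER TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form: low 7 bits = number of length octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of datagram")
    return tag, pos, pos + length

def snmp_version(payload):
    """Return 'SNMPv1', 'SNMPv2c' or 'SNMPv3'; None if the payload does not parse as SNMP."""
    try:
        tag, start, end = _read_tlv(payload, 0)
        if tag != 0x30:                   # outer SEQUENCE
            return None
        tag, vstart, vend = _read_tlv(payload[:end], start)
        if tag != 0x02 or not 1 <= vend - vstart <= 4:   # version INTEGER
            return None
    except ValueError:
        return None
    return SNMP_VERSIONS.get(int.from_bytes(payload[vstart:vend], "big"))

def flag_snmpv3(datagrams):
    """Return the source address of every (src, udp_payload) pair declaring SNMPv3."""
    return [src for src, payload in datagrams if snmp_version(payload) == "SNMPv3"]

# Constructed sample input: UDP/161 payloads cut down to the fields the parser reads.
SAMPLES = [
    ("192.0.2.10", b"\x30\x0b\x02\x01\x01\x04\x06public"),  # v2c header + community
    ("192.0.2.20", b"\x30\x81\x03\x02\x01\x03"),            # v3, long-form length
    ("192.0.2.30", b"GET / HTTP/1.0\r\n"),                  # not SNMP
    ("192.0.2.40", b"\x30\x0b\x02\x01"),                    # truncated datagram
]

if __name__ == "__main__":
    for src in flag_snmpv3(SAMPLES):
        print(f"SNMPv3 message from {src}")
```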

VENDOR RESPONSE

Cisco has released a security bulletin concerning these vulnerabilities and recommends that affected customers obtain the patch available through normal support channels.

CREDIT

Discovered by Cisco.