Multiple Vulnerabilities reported in Cisco Security Products

A range of vulnerabilities has been reported affecting the Cisco ASA 5500 and FWSM (Firewall Services Module). Brief descriptions follow:

Sun RPC Inspection Denial of Service Vulnerability:

A total of three DoS vulnerabilities exist in the Sun RPC inspection feature of both ASA and FWSM. They could be triggered by specially crafted UDP traffic in transit, causing the device to reload; persistent activity could lead to a denial of service.

Transport Layer Security Denial of Service Vulnerability:

A total of three security vulnerabilities have been reported in the way the ASA handles TLS. An unauthenticated user could exploit them with specially crafted TLS packets, causing the device to reload. This only affects ASA devices configured to accept SSL VPN connections and TLS proxy setups for Encrypted Voice Inspection.

TCP Denial of Service Vulnerability:

Cisco FWSM devices configured with multiple security contexts and set up to accept Telnet or SSH connections are vulnerable to a denial of service, which an unauthenticated attacker could trigger with a series of specially crafted TCP packets destined to the device after a successful TCP three-way handshake is established. This does not affect the ASA product.

Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerability:

A vulnerability in the SIP inspection feature of the ASA could allow an unauthenticated attacker to exploit it using specially crafted SIP packets in transit, causing the device to reload. A persistent attack could cause a denial of service. This inspection feature is enabled by default on the ASA device.

Crafted Internet Key Exchange (IKE) Message Denial of Service Vulnerability:

A vulnerability in the ASA's implementation of IKE (part of the IPsec protocol suite) could allow an unauthenticated attacker to reload a device that is set up for site-to-site VPNs or IPsec remote access and configured to receive such a message. A persistent attack could cause a denial of service.

For further details on these vulnerabilities, recommended workarounds and how to get security fixes, please visit the original posts:

http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml [Advisory for ASA]
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml [Advisory for FWSM]
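
To check which of the ASA feature areas described above are switched on for a given device, the following added example (not part of the original post or of Cisco's advisory) scans a saved running-config. The mapping from each feature to a CLI command, the ASA 8.x-era `crypto isakmp enable` syntax and the sample config are assumptions of this example; the FWSM-only TCP issue is not covered.

```python
import re

# Constructed sample of an ASA running-config; not taken from a real device.
SAMPLE_CONFIG = """\
crypto isakmp enable outside
tls-proxy voice_proxy
 server trust-point asa_tp
policy-map global_policy
 class inspection_default
  inspect sip
  inspect sunrpc
policy-map unused_policy
 class inspection_default
  inspect sip
webvpn
 enable outside
service-policy global_policy global
"""

def exposed_features(config):
    """Return, per feature area in the advisory, the config lines that enable it."""
    found = {"sunrpc": [], "sip": [], "tls": [], "ike": []}
    inspects, applied, section = {}, set(), ""
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith(("!", "no ")):
            continue  # skip blanks, comments and negated commands
        if not raw[0].isspace():
            section = line  # an unindented line starts a new config section
            words = line.split()
            if words[0] == "service-policy" and len(words) > 1:
                applied.add(words[1])
            elif words[0] == "tls-proxy" and len(words) > 1:
                found["tls"].append(line)
            elif re.match(r"crypto isakmp enable \S+", line):
                found["ike"].append(line)  # assumed ASA 8.x syntax
            continue
        inspect = re.match(r"inspect (sip|sunrpc)\b", line)
        pmap = re.fullmatch(r"policy-map (\S+)", section)
        if inspect and pmap:
            inspects.setdefault(pmap.group(1), []).append(inspect.group(1))
        elif section == "webvpn" and re.match(r"enable \S+", line):
            found["tls"].append("webvpn " + line)  # SSL VPN enabled on an interface
    # An inspection only runs if its policy-map is attached by a service-policy.
    for name, features in inspects.items():
        if name in applied:
            for feature in features:
                found[feature].append(f"inspect {feature} (policy-map {name})")
    return found

if __name__ == "__main__":
    for feature, lines in exposed_features(SAMPLE_CONFIG).items():
        print(f"{feature}: {lines or 'not enabled'}")
```

An empty list for a feature means no enabling line was found in that file; it does not replace checking the software version against the fixed releases listed in the advisories.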

Update 1 (13 Aug 2010) – Cisco have released a security advisory confirming a TCP Denial of Service vulnerability affecting the IOS 15.1(2) train of software. Only TCP connections initiating or terminating at the router can trigger this vulnerability; it is not triggered by transit traffic. For further information on this release and on recommended workarounds, please visit the original post here.
