Reported October 3, 2001, by Cisco Systems.

VERSIONS AFFECTED

  • Cisco Secure PIX Firewalls using AAA authentication with software 4.0 through 5.3(1)

DESCRIPTION
A vulnerability in Cisco Secure PIX Firewall authentication can cause a Denial of Service (DoS) condition. When AAA (Authentication, Authorization, Accounting) authentication services are configured on the Cisco Secure PIX Firewall, a single source address can consume all authentication resources, preventing other legitimate users from authenticating. The DoS affects only the authentication resources: other established traffic continues unaffected, and only new authentication requests are prevented.

VENDOR RESPONSE

Cisco has issued a notice about this vulnerability and recommends that customers obtain a firmware upgrade through Cisco distribution channels.

CREDIT
Discovered by Cisco Systems.