Reported December 15, 2003 by Cisco.

VERSIONS AFFECTED

  • Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers

DESCRIPTION

Two vulnerabilities in the Cisco Firewall Services Module (FWSM) can result in a Denial of Service (DoS) condition on the vulnerable system. These two vulnerabilities are as follows:

  • The FWSM might crash and reload because of a buffer-overflow vulnerability while processing HTTP traffic requests for authentication using TACACS+ or RADIUS. This request is initiated when a user starts a connection through FTP, Telnet, or the Internet (HTTP) and is prompted for his or her username and password. If the designated TACACS+ or RADIUS authentication server verifies the username and password, the FWSM will permit further traffic between the authentication server and the connection to interact independently through the FWSM's "cut-through proxy" feature.

  • The Cisco FWSM crashes and reloads while processing a received SNMPv3 message when snmp-server host <ip_addr> is configured on the FWSM. This problem occurs even though the FWSM doesn't support SNMPv3.
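
To see whether a given FWSM configuration meets either of the conditions described above, a saved configuration can be audited offline. The following is an added example, not code from Cisco or from the original advisory; the sample configuration is constructed, the function name audit is hypothetical, and the PIX-style syntax for aaa-server, aaa authentication and the optional interface name in snmp-server host is an assumption.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
hostname fwsm-lab
aaa-server AUTHIN protocol tacacs+
aaa-server AUTHIN (inside) host 192.0.2.10 examplekey timeout 10
aaa-server LOCALONLY protocol local
aaa authentication include http inside 0 0 0 0 AUTHIN
aaa authentication include telnet inside 0 0 0 0 LOCALONLY
snmp-server host inside 192.0.2.50
snmp-server community example
"""

# Assumed PIX-style syntax: snmp-server host [if_name] <ip_addr>
SNMP_HOST = re.compile(
    r"^snmp-server\s+host\s+(?:\S+\s+)?(\d{1,3}(?:\.\d{1,3}){3})\b", re.I)
# Assumed PIX-style syntax: aaa-server <group> protocol tacacs+|radius
AAA_SERVER = re.compile(
    r"^aaa-server\s+(\S+)\s+protocol\s+(tacacs\+|radius)\s*$", re.I)
# Assumed PIX-style syntax: aaa authentication include|match ... <group>
AAA_AUTH = re.compile(
    r"^aaa\s+authentication\s+(?:include|match)\s+.*\s(\S+)\s*$", re.I)


def audit(config_text):
    """Return (condition, line) pairs for the advisory's two conditions."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    # First pass: learn which server groups use TACACS+ or RADIUS.
    remote_groups = {}
    for ln in lines:
        m = AAA_SERVER.match(ln)
        if m:
            remote_groups[m.group(1)] = m.group(2).lower()
    # Second pass: flag SNMP hosts and auth rules bound to those groups.
    findings = []
    for ln in lines:
        if SNMP_HOST.match(ln):  # "no snmp-server host ..." does not match
            findings.append(("snmp-server-host", ln))
        m = AAA_AUTH.match(ln)
        if m and m.group(1) in remote_groups:
            findings.append(("aaa-" + remote_groups[m.group(1)], ln))
    return findings


if __name__ == "__main__":
    for condition, line in audit(SAMPLE_CONFIG):
        print(f"{condition}: {line}")
```

A finding means only that the precondition named in the advisory is present in the configuration; whether the module is still vulnerable depends on the software version installed.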

VENDOR RESPONSE

Cisco has released a security bulletin concerning these vulnerabilities and recommends that affected customers obtain the patch available through normal support channels.

CREDIT

Discovered by Cisco.