PIX Firewall Vulnerable to TCP RST Packets
Reported July 11 by Cisco Systems

VERSIONS AFFECTED
Cisco PIX Firewall software releases 4.2(5), 4.4(4), 5.0(3) and 5.1(1)

DESCRIPTION

Individual PIX Firewall sessions can be shut down by sending a specially crafted TCP RST (reset) packet to the firewall device. For an attack to be effective, the RST packet must contain valid source and destination ports and addresses that match an active session in the firewall's connection table. Therefore, an attacker without detailed knowledge of the firewall's connection table would be unable to deny service to active sessions.
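A model of the behaviour described above, as an added example that is not Cisco's code or part of the original advisory: a connection table that removes a session on any RST matching the address/port 4-tuple, beside one that also requires the RST's sequence number to fall inside the receive window. The advisory does not say how the fixed releases validate resets; the sequence check (the standard TCP acceptance rule for RST segments), the class and function names, and the documentation-range addresses are assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class Session:
    rcv_nxt: int  # next sequence number expected in this direction
    rcv_wnd: int  # receive window for this direction

class ConnTable:
    """Toy stateful-firewall connection table (hypothetical, not PIX code)."""

    def __init__(self, check_seq):
        self.check_seq = check_seq
        self.sessions = {}

    def add(self, flow, rcv_nxt, rcv_wnd):
        self.sessions[flow] = Session(rcv_nxt, rcv_wnd)

    def handle_rst(self, flow, seq):
        """Return 'no_session', 'dropped' or 'torn_down' for one RST."""
        sess = self.sessions.get(flow)
        if sess is None:
            return "no_session"  # 4-tuple matches no active session
        if self.check_seq:
            # Distance from rcv_nxt in 32-bit sequence space (handles wrap).
            offset = (seq - sess.rcv_nxt) % 2**32
            if offset >= sess.rcv_wnd:
                return "dropped"  # out-of-window RST is ignored
        del self.sessions[flow]
        return "torn_down"

def demo():
    """Run the same constructed RSTs against both policies."""
    flow = Flow("192.0.2.10", 40000, "198.51.100.5", 80)
    other = Flow("192.0.2.10", 40001, "198.51.100.5", 80)
    results = {}
    for name, check in (("tuple_only", False), ("tuple_and_seq", True)):
        table = ConnTable(check)
        table.add(flow, rcv_nxt=1000, rcv_wnd=8192)
        results[name] = [
            table.handle_rst(other, 1000),       # wrong source port
            table.handle_rst(flow, 0xDEADBEEF),  # right tuple, arbitrary seq
            table.handle_rst(flow, 1000),        # right tuple, in-window seq
        ]
    return results
```

With the tuple-only policy the second reset already removes the session; with the sequence check it is dropped and only the in-window reset succeeds.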

VENDOR RESPONSE

http://www.cisco.com/warp/public/707/pixtcpreset-pub.shtml

Cisco offers free software upgrades to correct this problem for all of their affected customers. According to Cisco's bulletin, customers with contracts should obtain upgraded software through their regular update channels. Customers without contracts should get their upgrades by contacting the Cisco Technical Assistance Center (TAC) at 800-553-2447 (toll-free from within North America) or 408-526-7209 (toll call from anywhere in the world), or by e-mail at tac@cisco.com.

Additional contact information for the Cisco TAC for non-English speakers is available at http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml.

CREDIT
Discovered by Cisco Systems