ID

VAR-200710-0329

CVE

CVE-2007-5571

TITLE

Cisco FWSM Vulnerabilities that can bypass network traffic restrictions

DESCRIPTION

Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edited ACLs, which might allow remote attackers to bypass intended restrictions on network traffic, aka CSCsj52536. Three vulnerabilities were reported in total: 1. Specially crafted HTTPS may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service. 2. Specially crafted MGCP packets may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service. 3. Manipulating Access Control Entries (ACE) in the ACL via the command line or ASDM (Adaptive Security Device Manager) may inadvertently cause them to not be evaluated. This will corrupt ACLs. Cisco FWSM is a firewall service module on Cisco equipment. ACLs can be controlled through the command line interface or ASDM, including removing and re-adding ACEs. If the access list is controlled in this way, the internal structure of the ACL will be broken, causing FWSM to not evaluate some ACEs. Because the ACEs in the ACL are not evaluated, the ACL may allow traffic that would normally be denied, or deny traffic that would normally be allowed. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Cisco FWSM HTTPS/MGCP Packet Processing Denial of Service SECUNIA ADVISORY ID: SA27236 VERIFY ADVISORY: http://secunia.com/advisories/27236/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Cisco Firewall Services Module (FWSM) 3.x http://secunia.com/product/8614/ DESCRIPTION: Cisco has acknowledged some vulnerabilities in Cisco Firewall Services Module (FWSM), which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An unspecified error exists within the handling of HTTPS packets. Successful exploitation requires that the HTTPS server is enabled (disabled by default). 2) An unspecified error exists within the handling of Media Gateway Control Protocol (MGCP) packets. Successful exploitation requires that the MGCP application layer protocol inspection is enabled (disabled by default). NOTE: An error when loading manipulated ACLs (Access Control Lists) is also reported. SOLUTION: Update to a fixed version (please see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

permissions and access control issues

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Cisco Security bulletin

SOURCES

LAST UPDATE DATE

2024-11-23T22:19:38.176000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE