[80811] in North American Network Operators' Group


Cisco Firewall Services Module TCP ACL Bypass Vulnerability

daemon@ATHENA.MIT.EDU (Fergie (Paul Ferguson))
Thu May 12 14:38:27 2005

From: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Date: Thu, 12 May 2005 18:36:06 GMT
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu



Via FrSIRT:
 http://www.frsirt.com/english/advisories/2005/0527

- ferg

[snip]

 * Technical Description *

A new vulnerability was identified in Cisco products, which may be exploited by attackers to bypass the security restrictions. The flaw resides in the Cisco Firewall Services Module (FWSM) when configured for exceptions in content filtering, which may be exploited by attackers to bypass access-list entries intended to explicitly filter inbound TCP packets.

 * Affected Products *

Catalyst 6500 series switches
Cisco 7600 series routers 

 * Solution *

Upgrade to Cisco FWSM version 2.3(2):
http://www.cisco.com/warp/public/707/cisco-sa-20050511-url.shtml

[snip]

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg@netzero.net or fergdawg@sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/
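The advisory's only remediation is a version upgrade, so the practical follow-up for an operator is a quick inventory triage: which FWSM blades are still on a build older than 2.3(2)? The script below is an added example for this archive page, not Fergie's code and not Cisco's or FrSIRT's. It assumes that any build older than the fixed release 2.3(2) should be flagged (the page names only the fix, not the affected range), and the inventory banners are constructed samples modelled on the first line of FWSM `show version` output ("FWSM Firewall Version X.Y(Z)"); that banner format is an assumption, as is the hypothetical host naming.

```python
"""
Version-triage helper for the FWSM ACL-bypass advisory (added example).

Assumptions not stated on the page:
- A build needs the upgrade when it sorts before 2.3(2), the fixed release
  the advisory names.
- The inventory lines below are constructed and mimic the first line of
  FWSM 'show version' output ("FWSM Firewall Version X.Y(Z)"); the exact
  banner format and host names are assumptions.
"""
import re
from typing import Dict, Optional, Tuple

FIXED_VERSION = "2.3(2)"

# Cisco-style version string: major.minor(maintenance) plus an optional
# lowercase rebuild suffix, e.g. 2.3(1)a.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\((\d+)\)([a-z]?)")


def parse_version(text: str) -> Optional[Tuple[int, int, int, str]]:
    """Return the first Cisco-style version in text as a sortable tuple, or None."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, maint, suffix = m.groups()
    return (int(major), int(minor), int(maint), suffix)


def needs_upgrade(version_text: str, fixed: str = FIXED_VERSION) -> Optional[bool]:
    """True if the parsed version is older than the fixed release.

    Returns None when no version can be parsed so that unknown builds are
    surfaced for manual review rather than silently counted as safe.
    """
    found = parse_version(version_text)
    target = parse_version(fixed)
    if found is None or target is None:
        return None
    return found < target


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host to 'upgrade', 'ok' or 'unknown' based on its version banner."""
    verdicts = {}
    for host, banner in inventory.items():
        flag = needs_upgrade(banner)
        if flag is None:
            verdicts[host] = "unknown"
        else:
            verdicts[host] = "upgrade" if flag else "ok"
    return verdicts


# Constructed sample inventory (hypothetical hosts, not real devices).
SAMPLE_INVENTORY = {
    "fwsm-dc1": "FWSM Firewall Version 2.3(1)",
    "fwsm-dc2": "FWSM Firewall Version 2.3(2)",
    "fwsm-lab": "FWSM Firewall Version 2.2(1)a",
    "fwsm-old": "FWSM Firewall Version 1.1(3)",
    "fwsm-new": "FWSM Firewall Version 3.1(1)",
    "fwsm-unreachable": "connection timed out",
}

if __name__ == "__main__":
    for host, state in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {state}")
```

The tuple comparison orders 2.2(1)a before 2.3(2) and 3.1(1) after it, which is the ordering an operator expects from Cisco release numbers; a banner that yields no version is reported as unknown on purpose, since a blade that failed to answer is exactly the one most likely to be forgotten in an upgrade sweep.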
