nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Cisco Firewall Services Module TCP ACL Bypass Vulnerability

From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 12 May 2005 18:36:06 GMT


Via FrSIRT:
 http://www.frsirt.com/english/advisories/2005/0527

- ferg

[snip]

 * Technical Description *

A new vulnerability was identified in Cisco products, which may be exploited by attackers to bypass the security 
restrictions. The flaw resides in the Cisco Firewall Services Module (FWSM) when configured for exceptions in content 
filtering, which may be exploited by attackers to bypass access-list entries intended to explicitly filter inbound TCP 
packets.

 * Affected Products *

Catalyst 6500 series switches
Cisco 7600 series routers 

 * Solution *

Upgrade to Cisco FWSM version 2.3(2) :
http://www.cisco.com/warp/public/707/cisco-sa-20050511-url.shtml

[snip]

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/
Previous By Date Next
Previous By Thread Next

Current thread: