Technical Description

A weakness has been identified in Cisco Catalyst 6500 and Cisco 7600 Series, which could be exploited by attackers to bypass security restrictions. This issue is caused by a design error where packets that are destined for the 127.0.0.0/8 network are received and processed by the Supervisor module, Multilayer Switch Feature Card (MSFC), or any other intelligent module without being filtered by existing access control lists, which could be exploited by authenticated attackers to bypass access control lists on systems that run Hybrid Mode (Catalyst OS (CatOS) software on the Supervisor Engine and IOS Software on the MSFC) and Native Mode (IOS Software on both the Supervisor Engine and the MSFC).

Affected Products

Cisco Catalyst 6500 Series versions prior to 12.2(33)SXH
Cisco 7600 Series versions prior to 12.2(33)SXH

Solution

Upgrade to version 12.2(33)SXH :
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsg02323

References

http://www.vupen.com/english/advisories/2007/3276
http://www.cisco.com/warp/public/707/cisco-sr-20070926-lb.shtml

Credits

Vulnerability reported by Lee E. Rian.

ChangeLog

2007-09-27 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.