Technical Description

Multiple vulnerabilities have been identified in Cisco Firewall Services Module (FWSM), which could be exploited by attackers to cause a denial of service or bypass security restrictions.

The first issue is caused by an error in the HTTPS server (disabled by default) when processing malformed requests coming from the 10.10.10.0/24 network, which could be exploited by attackers to reload a vulnerable application, leading to a denial of service condition.

The second vulnerability is caused by an error in the MGCP application layer protocol inspection feature (disabled by default) when processing malformed packets sent to port 2427/UDP, which could be exploited by attackers to reload a vulnerable application, creating a denial of service condition.

The third issue is caused by an error within the manipulation of ACLs, which could cause the internal structure that represents the ACL to become corrupted, resulting in the FWSM not evaluating some ACEs and allowing traffic that would normally be denied, or denying traffic that would normally be permitted.

Affected Products

Cisco Firewall Services Module (FWSM) versions 3.x

Solution

Upgrade to FWSM version 3.1(7) or 3.2(3) :
http://www.cisco.com/pcgi-bin/tablebuild.pl/cat6000-fwsm?psrtdcat20e2

References

http://www.vupen.com/english/advisories/2007/3530
http://www.cisco.com/warp/public/707/cisco-sa-20071017-fwsm.shtm

Credits

Vulnerabilities reported by the vendor.

ChangeLog

2007-10-18 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.