|
Information Security News
mailing list archives
Cisco warns of firewall flaw in its Catalyst switches, 7600 Series routers
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 20 Dec 2007 00:21:15 -0600 (CST)
http://www.networkworld.com/news/2007/121907-cisco-firewall-flaw.html
By Linda Leung
NetworkWorld.com
12/19/07
Cisco is warning that a flaw in its Firewall Services Module could
result in a reload of the module, or if exploited repeatedly, could
result in a sustained denial-of-service attack.
FWSM is an integrated firewall module for Cisco Catalyst 6500 switches
and Cisco 7600 Series routers.
In its security alert issued Wednesday, Cisco says there are "no known
instances of intentional exploitation of this issue," but that it has
"observed data streams that appear to be unintentionally triggering this
vulnerability."
According to the security advisory, the security hole could be
"triggered with standard network traffic, which is passed through the
Application Layer Protocol Inspection process."
The only FWSM release affected by this vulnerability is FWSM System
Software version 3.2(3).
FWSM software version 3.2(4) contains the fixes for the vulnerability
and will be available for download the week beginning Dec. 31 at this
URL [1].
A workaround for this vulnerability can be found at the security
advisory [2].
All contents copyright 1995-2007 Network World, Inc.
[1] http://www.cisco.com/pcgi-bin/tablebuild.pl/cat6000-fwsm?psrtdcat20e2
[2] http://www.cisco.com/en/US/products/products_security_advisory09186a008091b11d.shtml
__________________________________________________________________
Visit InfoSec News
http://www.infosecnews.org/
 By Date 
By Thread
Current thread:
- Cisco warns of firewall flaw in its Catalyst switches, 7600 Series routers InfoSec News (Dec 19)
|
Intro
