SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Device (Firewall)  >   Cisco Firewall Service Module Vendors:   Cisco
Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service
SecurityTracker Alert ID:  1027640
SecurityTracker URL:  http://securitytracker.com/id/1027640
CVE Reference:   CVE-2012-4661, CVE-2012-4662, CVE-2012-4663   (Links to External Site)
Date:  Oct 10 2012
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 4.1(9)
Description:   Several vulnerabilities were reported in Cisco Firewall Services Module. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.

A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload [CVE-2012-4661].

Cisco has assigned Cisco bug ID CSCtr27522 to this vulnerability.

A remote user can send specially crafted DCERPC data through the target device to cause the target device to reload [CVE-2012-4662, CVE-2012-4663].

Cisco has assigned Cisco bug IDs CSCtr27524 and CSCtr27521 to these vulnerabilities.

Impact:   A remote user can execute arbitrary code on the target system.

A remote user can cause the target system to reload.

Solution:   The vendor has issued a fix (4.1(9)).

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm (Links to External Site)
Cause:   Boundary error, Input validation error, State error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Wed, 10 Oct 2012 12:10:54 -0400
Subject:  Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Multiple Vulnerabilities in Cisco Firewall Services Module

Advisory ID: cisco-sa-20121010-fwsm

Revision 1.0

For Public Release 2012 October 10 16:00  UTC (GMT)
- ----------------------------------------------------------------------

Summary
=======

The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500
Series Switches and Cisco 7600 Series Routers is affected by the
following vulnerabilities:

DCERPC Inspection Buffer Overflow Vulnerability
DCERPC Inspection
Denial Of Service Vulnerabilities

These vulnerabilities are not interdependent; a release that is
affected by one vulnerability is not necessarily affected by the other.

Exploitation of these vulnerabilities could allow an unauthenticated,
remote attacker to trigger a reload of the affected device, or to
execute arbitrary commands.  Repeated exploitation could result in a
denial of service (DoS) condition.

Cisco has released free software updates that address these
vulnerabilities. There are no workarounds that mitigate these
vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm

Note: The Cisco Catalyst 6500 Series ASA Services Module, and the
Cisco ASA 5500 Series Adaptive Security Appliance may also be affected
by these vulnerabilities.

The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA
Services Module and Cisco ASA 5500 Series Adaptive Security Appliance
have been disclosed in a separate Cisco Security Advisory. The
Advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlB1h6AACgkQUddfH3/BbTrdbQD/WPf0vA8pJbKyFgfDQ0rol2r4
AAAdCeOQlELptysCaYsBAIZP/vuW1jX43H6pLgx9xBum9wcNBvhzG1m9Bip+nGbH
=e0NQ
-----END PGP SIGNATURE-----
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC