Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service
SecurityTracker Alert ID: 1027640
SecurityTracker URL: http://securitytracker.com/id/1027640
CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
Date: Oct 10 2012
Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 4.1(9)
Several vulnerabilities were reported in Cisco Firewall Services Module. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.
A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload [CVE-2012-4661].
Cisco has assigned Cisco bug ID CSCtr27522 to this vulnerability.
A remote user can send specially crafted DCERPC data through the target device to cause the target device to reload [CVE-2012-4662, CVE-2012-4663].
Cisco has assigned Cisco bug IDs CSCtr27524 and CSCtr27521 to these vulnerabilities.
A remote user can execute arbitrary code on the target system.
A remote user can cause the target system to reload.
The vendor has issued a fix (4.1(9)).
The vendor's advisory is available at:
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
Boundary error, Input validation error, State error
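An added example for exposure triage, not part of the SecurityTracker record or the vendor advisory: it compares a module's reported release against the fixed release 4.1(9) and lists the policy-map classes where DCERPC inspection is configured. The `FWSM Firewall Version` banner format, the sample `show version` and configuration text, and the use of an `inspect dcerpc` line under a policy-map class as the sign that the inspection engine is in use are assumptions.

```python
import re

# This page names only 4.1(9) as fixed; every lower release is treated as affected.
FIXED = (4, 1, 9)

# Constructed sample inputs (not captured from a real device).
SAMPLE_VERSION = "FWSM Firewall Version 4.1(5)\n"
SAMPLE_CONFIG = """\
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect dcerpc
service-policy global_policy global
"""

def parse_fwsm_version(show_version):
    """Return (major, minor, maint) from 'FWSM Firewall Version X.Y(Z)', else None."""
    m = re.search(r"FWSM Firewall Version\s+(\d+)\.(\d+)\((\d+)", show_version)
    return tuple(int(g) for g in m.groups()) if m else None

def dcerpc_inspection_classes(running_config):
    """List 'policy-map/class' entries that contain an 'inspect dcerpc' line."""
    hits, pmap, cls = [], None, None
    for line in running_config.splitlines():
        words = line.split()
        if not words:
            continue
        if not line[0].isspace():  # a top-level command resets the context
            pmap = words[1] if words[0] == "policy-map" and len(words) > 1 else None
            cls = None
        elif pmap and words[0] == "class" and len(words) > 1:
            cls = words[1]
        elif pmap and cls and words[:2] == ["inspect", "dcerpc"]:
            hits.append(f"{pmap}/{cls}")
    return hits

def triage(show_version, running_config):
    version = parse_fwsm_version(show_version)
    if version is None:
        return "unknown: no FWSM version string found"
    if version >= FIXED:
        return "fixed: running %d.%d(%d)" % version
    hits = dcerpc_inspection_classes(running_config)
    if hits:
        return "upgrade, DCERPC inspection active in: " + ", ".join(hits)
    return "upgrade, no DCERPC inspection found in this config"
```

A release below 4.1(9) is reported for upgrade whether or not DCERPC inspection is found; the class list only helps rank which modules to patch first.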
Source Message Contents
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
Multiple Vulnerabilities in Cisco Firewall Services Module
Advisory ID: cisco-sa-20121010-fwsm
For Public Release 2012 October 10 16:00 UTC (GMT)
The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500
Series Switches and Cisco 7600 Series Routers is affected by the
DCERPC Inspection Buffer Overflow Vulnerability
Denial Of Service Vulnerabilities
These vulnerabilities are not interdependent; a release that is
affected by one vulnerability is not necessarily affected by the other.
Exploitation of these vulnerabilities could allow an unauthenticated,
remote attacker to trigger a reload of the affected device, or to
execute arbitrary commands. Repeated exploitation could result in a
denial of service (DoS) condition.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds that mitigate these
This advisory is available at the following link:
Note: The Cisco Catalyst 6500 Series ASA Services Module, and the
Cisco ASA 5500 Series Adaptive Security Appliance may also be affected
by these vulnerabilities.
The vulnerabilities affecting the Cisco Catalyst 6500 Series ASA
Services Module and Cisco ASA 5500 Series Adaptive Security Appliance
have been disclosed in a separate Cisco Security Advisory. The
Advisory is available at the following link: