DoS vulnerability in multiple Cisco products




                                                   JPCERT-AT-2007-0013
                                                             JPCERT/CC
                                                          May 24, 2007

                  <<< JPCERT/CC Alert 2007-05-24 >>>

             DoS vulnerability in multiple Cisco products

             http://www.jpcert.or.jp/at/2007/at070013.txt

I. Overview

  Multiple Cisco products contain a vulnerability that may cause a
Denial of Service (DoS) condition. Cisco products using RSA BSAFE
components are affected by the vulnerability reported in
"JVNVU#754281 RSA BSAFE Cert-C and Crypto-C libraries vulnerable to
Denial of Service (DoS)" by JVN on May 22, 2007.

  Exploitation of this vulnerability could allow a remote attacker to
cause a continuous Denial of Service (DoS) condition.


II. Systems Affected

  This vulnerability affects a wide range of Cisco products, 
versions, and protocols. For more information, refer to the 
advisories released by Cisco Systems.

  Products Affected
    - Cisco IOS
    - Cisco IOS XR
    - Cisco PIX and ASA Security Appliances 
        Only version 7.x is affected.
    - Cisco Firewall Service Module (FWSM) 
        All releases prior to 2.3(5) and 3.1(6) are affected.
    - Cisco Unified CallManager

  Protocols Affected
    - Internet Security Association and Key Management Protocol 
      (ISAKMP)
    - SSL (some IOS versions)
    - Threat Information Distribution Protocol (TIDP)
    - Cisco IOS SIP Gateway Signaling Support Over TLS (SIP-TLS)
    - Extensible Authentication Protocol-Transport Layer Security 
      (EAP-TLS)

  Protocols that are not listed above may also be affected. For
detailed information on combinations of vulnerable products and
protocols, refer to the advisories released by Cisco Systems.


III. Solution

  To fix this problem, update to a fixed version of the software
provided by Cisco Systems. If it is difficult to update the product,
implement workarounds provided by Cisco Systems.

    Cisco Security Advisory: Vulnerability In Crypto Library
    Workarounds
    http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c5d.shtml#workarounds


IV. Reference Information

    Cisco Security Advisory: Vulnerability In Crypto Library
    Advisory ID: cisco-sa-20070522-crypto.shtml
    http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c5d.shtml

    Japan Vulnerability Notes JVNVU#754281
    Denial of Service (DoS) Vulnerability in RSA BSAFE Cert-C and Crypto-C
    http://jvn.jp/cert/JVNVU%23754281/index.html

    US-CERT Vulnerability Note VU#754281
    RSA BSAFE libraries denial of service vulnerability
    http://www.kb.cert.org/vuls/id/754281

    CPNI Advisory 137
    Cisco Security Advisory: Vulnerability In Crypto Library
    Advisory ID: cisco-sa-20070522-crypto
    http://www.cpni.gov.uk/Products/advisories/default.aspx?id=al-20070522-137.xml

    Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS
      While Processing SSL Packets
    Advisory ID: cisco-sa-20070522-SSL
    http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml

    Cisco Applied Intelligence Response: 
    Identifying and Mitigating Exploitation of the Multiple
      Vulnerabilities in Cisco IOS While Processing SSL Packets
    http://www.cisco.com/en/US/products/products_applied_intelligence_response09186a0080847c7e.html


  If you have any information regarding this matter, please contact us.


======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600  FAX: 03-3518-4602
http://www.jpcert.or.jp/