CVE-2003-1002 |
|
发布时间 :2004-01-05 00:00:00 | ||
修订时间 :2008-09-10 15:21:24 | ||||
NMCO |
[原文]Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
[CNNVD]Cisco FWSM多个安全漏洞(CNNVD-200401-024)
CISCO FWSM是CISCO设备上的防火墙服务模块。
CISCO FWSM存在2个漏洞,允许远程攻击者进行拒绝服务攻击或在设备上执行任意指令。
CSCeb16356 (HTTP Auth)漏洞:
传递使用TACACS+或RADIUS验证的HTTP Auth请求,可使Cisco FWSM由于发送缓冲区溢出崩溃并重载。这个请求可以由用户通过发起FTP,TELNET或者HTTP连接而初始化。如果用户名和密码被指定的ACACS+或RADIUS服务器验证通过,Cisco FWSM才允许通信通过。
CSCeb88419 (SNMPv3)漏洞
当Cisco FWSM模块上配置snmp-server host
只要当Cisco FWSM模块上配置snmp-server host
- CVSS (基础分值)
CVSS分值: | 5 | [中等(MEDIUM)] |
机密性影响: | NONE | [对系统的机密性无影响] |
完整性影响: | NONE | [不会对系统完整性产生影响] |
可用性影响: | PARTIAL | [可能会导致性能下降或中断资源访问] |
攻击复杂度: | LOW | [漏洞利用没有访问限制 ] |
攻击向量: | [--] | |
身份认证: | NONE | [漏洞利用无需身份认证] |
- CPE (受影响的平台与产品)
cpe:/o:cisco:catos:7.5%281%29 | Cisco CatOS 7.5 (1) |
cpe:/h:cisco:catalyst_7600_ws-x6380-nam:3.1%281a%29 | Cisco Catalyst 7600 3.1 (1a)WS-X6380-NAM |
cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:3.1%281a%29 | Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-2 |
cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:3.1%281a%29 | Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-2 |
cpe:/o:cisco:catos:5.4%281%29 | Cisco CatOS 5.4 (1) |
cpe:/h:cisco:firewall_services_module | Cisco Firewall Services Module |
cpe:/h:cisco:catalyst_6500_ws-x6380-nam:3.1%281a%29 | Cisco Catalyst 6500 3.1 (1a)WS-X6380-NAM |
cpe:/h:cisco:firewall_services_module:1.1.2 | Cisco Firewall Services Module 1.1.2 |
cpe:/h:cisco:catalyst_6500_ws-x6380-nam:2.1%282%29 | Cisco Catalyst 6500 2.1 (2)WS-X6380-NAM |
cpe:/h:cisco:catalyst_7600_ws-x6380-nam:2.1%282%29 | Cisco Catalyst 7600 2.1 (2)WS-X6380-NAM |
cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:2.2%281a%29 | Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-1 |
cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:2.2%281a%29 | Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-2 |
cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:2.2%281a%29 | Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-1 |
cpe:/o:cisco:catos:7.6%281%29 | Cisco CatOS 7.6 (1) |
cpe:/h:cisco:catalyst_6500 | Cisco Catalyst 6500 |
cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:3.1%281a%29 | Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-1 |
cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:2.2%281a%29 | Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-2 |
cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:3.1%281a%29 | Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-1 |
- OVAL (用于检测的技术细节)
未找到相关OVAL定义 |
- 官方数据库链接
- 其它链接及资源
http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml (VENDOR_ADVISORY) CISCO 20031215 Cisco FWSM Vulnerabilities |
- 漏洞信息
Cisco FWSM多个安全漏洞 | |
中危 | 未知 |
2004-01-05 00:00:00 | 2005-10-20 00:00:00 |
远程 | |
CISCO FWSM是CISCO设备上的防火墙服务模块。 CISCO FWSM存在2个漏洞,允许远程攻击者进行拒绝服务攻击或在设备上执行任意指令。 CSCeb16356 (HTTP Auth)漏洞: 传递使用TACACS+或RADIUS验证的HTTP Auth请求,可使Cisco FWSM由于发送缓冲区溢出崩溃并重载。这个请求可以由用户通过发起FTP,TELNET或者HTTP连接而初始化。如果用户名和密码被指定的ACACS+或RADIUS服务器验证通过,Cisco FWSM才允许通信通过。 CSCeb88419 (SNMPv3)漏洞 当Cisco FWSM模块上配置snmp-server host 只要当Cisco FWSM模块上配置snmp-server host |
- 公告与补丁
临时解决方法: 如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁: * 限制只有可信主机才能轮询FWSM上的SNMP服务: snmp-server host 也可按照如下方法关闭SNMP服务: no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps 厂商补丁: Cisco ----- FWSM 1.1.3已经修正这两个漏洞,建议用户通过Cisco software Center获得升级程序: http://www.cisco.com/ 要访问此下载URL,你必须是注册用户和必须登录后才能使用。 事先或目前与第三方支持组织,如Cisco合作伙伴、授权零售商或服务商之间已有协议,由第三方组织提供Cisco产品或技术支持的用户可免费获得升级支持。 直接从Cisco购买产品但没有Cisco服务合同的用户和由第三方厂商购买产品但无法从销售方获得已修复软件的用户可从Cisco技术支持中心(TAC)获取升级软件。TAC联系方法: * +1 800 553 2447 (北美地区免话费) * +1 408 526 7209 (全球收费) * e-mail: tac@cisco.com 查看 http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml 获取额外的TAC联系信息,包括特别局部的电话号码,各种语言的指南和EMAIL地址。 |
- 漏洞信息
3025 | |
Cisco Firewall Services Module DoS | |
Remote / Network Access | Denial of Service |
Loss of Availability | Upgrade |
Exploit Unknown | Vendor Verified |
- 漏洞描述
Cisco Firewall Services Module contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a specially-crafted SNMP message. The attack will cause an overflow resulting in loss of availability for the device. |
- 时间线
2003-12-15 | Unknow |
Unknow | Unknow |
- 解决方案
Upgrade to FWSM version 1.1.3 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): Restrict access to only allow trusted hosts on specific interfaces to poll the SNMP server on the FWSM. |
- 相关参考
|
漏洞作者
Unknown or Incomplete |