Multiple Vulnerabilities in Cisco Products

Number: AV10-027
Date: 5 August 2010

Purpose

The purpose of this advisory is to raise awareness of multiple vulnerabilities in the Cisco ASA 5500 Series and the Cisco Firewall Services Module, which could cause a denial of service (DoS).

Assessment

Multiple vulnerabilities have been identified in Cisco ASA 5500 Series Adaptive Security Appliances and in the Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. A remote user could send specially crafted packets to the following services and cause the target device to reload. Repeated exploitation could result in a sustained DoS condition. The CVSS scores for these vulnerabilities range from medium to high.

  • SunRPC Inspection DoS Vulnerabilities
  • Transport Layer Security (TLS) DoS Vulnerabilities
  • Session Initiation Protocol (SIP) Inspection DoS Vulnerability
  • Crafted Internet Key Exchange (IKE) Message DoS Vulnerability
  • TCP DoS Vulnerability

These vulnerabilities have the following CVE identifiers:
CVE-2010-1578, CVE-2010-1579, CVE-2010-1580, CVE-2010-1581, CVE-2010-2814, CVE-2010-2815, CVE-2010-2816, CVE-2010-2817, CVE-2010-2818, CVE-2010-2819, CVE-2010-2820 and CVE-2010-2821

Cisco has assigned the following bug IDs to these vulnerabilities:
CSCtc77567, CSCtc79922, CSCtc85753, CSCtd32627, CSCtf37506, CSCtf55259, CSCtd32106, CSCte46507, CSCte61710, CSCte61622, CSCte61662 and CSCtg68694

Cisco has released free software updates and workarounds to address these vulnerabilities. Links are provided in the reference section of this advisory.

Affected Products
----------

  • Cisco ASA 5500 Series Adaptive Security Appliances versions 7.0.x, 7.1.x, 7.2.x, 8.1.x, 8.2.x and 8.3.x
  • Cisco PIX 500 Series Security Appliances
  • Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers using Cisco FWSM versions 3.x and 4.x

Note: Cisco ASA Software versions 7.1.x are affected by some of the vulnerabilities in this advisory. However, no fixed 7.1.x software versions are planned because the 7.1.x major release has reached the End of Software Maintenance Releases milestone. Refer to the link below for further information.
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/end_of_life_notice_cisco_asa_5500_series_adaptive_sec_app_sw.html

References
----------
http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml
http://securitytracker.com/alerts/2010/Aug/1024279.html
http://securitytracker.com/alerts/2010/Aug/1024280.html

Suggested action

CCIRC recommends that organizations liaise with the administrators/maintainers of the affected products to assess exposure and apply vendor-recommended updates and/or workarounds as appropriate.

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca