HOME > ADVISORIES


   ADVISORIES

CERT-In Advisory CIAD-2007-29
Vulnerability In Crypto Library

Original issue date: May 28, 2007

Severity Rating: High

Systems Affected

  • Cisco IOS
  • Cisco IOS XR
  • Cisco PIX and ASA Security Appliances (only 7.x releases are affected)
  • Cisco Firewall Service Module (FWSM), all releases prior 2.3(5) and 3.1(6) are affected
  • Cisco Unified CallManager

Overview

The vulnerability discovered in Crypto Library, which affects all products that use affected versions of third party cryptographic libraries and enabled applications that are using crypto-related function. Enabling any of the following application layer protocols or features can make a device vulnerable:

  • Affected protocols in Cisco IOS
  • Affected protocols in Cisco IOS XR
  • Affected protocols in Cisco Firewall Service Module (FWSM)
  • Affected protocols in Cisco Unified CallManager

Successful exploitation of this vulnerability can crash compromised device. Repeated remotely exploitation of this vulnerability can cause a DoS attack.

Description

Cisco uses cryptographic library from third party. Parsing of data structure is done as per ASN.1 standards defined by ITU- T (International Telecommunication Union - Telecommunication Standardization Sector). This vulnerability is related to the implementation of parsing certain data structures only. Protocols that use ASN.1 (e.g., voice over IP, Simple Network Management Protocol and others), but do not rely on the crypto library, are not vulnerable.

1. Affected protocols in Cisco IOS

Enabling any one of the following features can compromise and crash the device.

  • Internet Security Association and Key Management Protocol (ISAKMP)
  • Secure Socket Layer (SSL)
  • Threat Information Distribution Protocol (TIDP)
  • Cisco IOS SIP Gateway Signaling Support Over TLS (SIP-TLS)
  • Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)

2. Affected protocols in Cisco IOS XR

Enabling any of the following protocols or features can make IOS XR vulnerable:

  • Internet Security Association and Key Management Protocol (ISAKMP)
  • Secure Socket Layer (SSL)
  • Secure Shell (SSH)

3. Affected protocols in Cisco Firewall Service Module (FWSM)

Enabling the following protocol or feature can make Cisco FWSM software vulnerable:

  • Internet Security Association and Key Management Protocol (ISAKMP)

4. Affected protocols in Cisco Unified CallManager

Enabling any of the following protocols or features can make the Cisco Unified CallManager software:

  • Certificate Authority Proxy Function (CAPF)
  • Cisco TAPI Service Provider (Cisco Unified CallManager TSP)

Workarounds

  • To prevent the vulnerability disable the affected service.
  • It is possible to mitigate these vulnerabilities by preventing unauthorized hosts to access the affected devices.

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-air-20070522-
crypto.shtml

References

Secunia
http://secunia.com/advisories/25343/

US-CERT
http://www.kb.cert.org/vuls/id/754281

Security Focus
http://www.securityfocus.com/archive/1/469276/30/0/threaded

CVE Name
CVE-2006-3894

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003