CERT-In Vulnerability Note CIVN-2008-152
Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet

Original Issue Date: October 08, 2008

Severity Rating: High

Systems Affected

  • Devices running Cisco IOS and using SSL-based services

Overview

Cisco IOS Software contains a vulnerability that could allow a remote attacker to cause a denial of service (DoS) condition.

Description

The vulnerability is due to an error in the HTTP server component during the creation of an SSL session. It can be exploited in the brief window after a TCP connection is established but before any type of authentication credentials are exchanged. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious packets to the target device. The malicious packets could cause the target device to crash.

Workarounds

  • Disable the vulnerable HTTPS service.
  • Disable the SSL VPN service.
  • Disable the vulnerable OSP service.
  • Revert to the HTTP protocol instead of using HTTPS.
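
As an added example (not part of this CERT-In note or of the Cisco advisory), the Python below checks a saved running-config for the SSL-based services named in the workarounds, so that devices still exposing them can be listed before and after the change. The IOS command forms it matches (ip http secure-server, a webvpn gateway with inservice, a settlement provider with an https URL) are assumptions that this note does not state; confirm them against the Cisco advisory for the release in use.

```python
# Constructed sample running-config (not from a real device).
SAMPLE_CONFIG = """\
no ip http server
ip http secure-server
!
webvpn gateway GW1
 ip address 192.0.2.10 port 443
 inservice
!
webvpn gateway GW2
 ip address 192.0.2.11 port 443
!
settlement 0
 type osp
 url https://osp.example.net:8443/
 no shutdown
!
"""

def sections(config):
    """Yield (header, [sub-commands]) for each top-level command."""
    header, body = None, []
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue                      # blank line or "!" separator
        if raw[0].isspace() and header is not None:
            body.append(raw.strip())      # indented line belongs to the section
        else:
            if header is not None:
                yield header, body
            header, body = raw.strip(), []
    if header is not None:
        yield header, body

def ssl_services(config):
    """Return the SSL-based services the config leaves enabled."""
    found = []
    for header, body in sections(config):
        if header == "ip http secure-server":          # assumed HTTPS server command
            found.append("https-server")
        elif header.startswith("webvpn gateway ") and "inservice" in body:
            found.append("ssl-vpn:" + header.split()[2])
        elif header.startswith("settlement "):         # assumed OSP provider section
            uses_https = any(l.startswith("url https://") for l in body)
            if uses_https and "shutdown" not in body:
                found.append("osp:" + header.split()[1])
    return found
```

An empty list from ssl_services() means none of the three assumed command forms is active in that configuration; it does not replace applying the fixed software versions.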

Solution

Apply the appropriate fixed versions as mentioned in the Cisco Security Advisory.
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0146c.shtml

Vendor Information

CISCO
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0146c.shtml

References

CISCO
http://tools.cisco.com/security/center/viewAlert.x?alertId=16637

AusCERT
http://www.auscert.org.au/render.html?it=9885

SecurityFocus
http://www.securityfocus.com/archive/1/496699/30/90/threaded

CVE Name
CVE-2008-3798

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003