CERT-In Vulnerability Note CIVN-2008-61
Cisco Content Switching Module Memory Leak Vulnerability
Original Issue Date:
May 23, 2008
Severity Rating:
High
System Affected
- CSM 4.2(3), 4.2(3a), 4.2(4), 4.2(5), 4.2(6), 4.2(7), and 4.2(8)
- CSM-S 2.1(2), 2.1(3), 2.1(4), 2.1(5), 2.1(6), and 2.1(7)
Overview
A vulnerability has been reported in Cisco Catalyst Content Switching Module (CSM) and Cisco Catalyst Content Switching Module with SSL (CSM-S), which can be exploited attackers to cause a DoS (Denial of Service).
Description
The Cisco CSM is a line card for the Cisco Cat6500 Series Switch. It provides a high-performance, cost-effective load-balancing solution for enterprise and Internet service provider networks, allowing these organizations to provide customers, employees, and business partners with the best possible online experience. The Cisco CSM-S is a single module for the Cisco Catalyst 6500 that combines content switching with Secure Sockets Layer (SSL) acceleration.
The vulnerability is due to a memory leak error when processing TCP segments with a specific combination of TCP flags. This causes a failure to make a load balancing decision because servers behind the CSM/CSM-S are overloaded and/or fail to accept a TCP connection. Successful exploitation requires that CSM or CSM-S is configured for layer 7 load balancing.
Solution
Update to CSM version 4.2.9 or CSM-S version 2.1.8.
Vendor Information
Cisco
http://www.cisco.com/en/US/products/products_security_advisory
09186a0080995684.shtml
References
AusCERT
http://www.auscert.org.au/render.html?it=9292
FrSIRT
www.frsirt.com/english/advisories/2008/1532
Secunia
http://secunia.com/advisories/30223/
CVE-Name
CVE-2008-1749
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
