CERT-In Vulnerability Note CIVN-2008-67
Cisco Service Control Engine Denial of Service Vulnerabilities
Original Issue Date:
May 28, 2008
Severity Rating:
High
System Affected
- Service Control Engine (SCE) 1000 and 2000 series
Overview
Multiple vulnerabilities were reported in Cisco Service Control Engine which may trigger during the SSH login activity. A remote user can cause denial of service conditions. The attacker can send specially crafted data to cause management access to become unavailable or cause the target device to reload.
Description
Cisco Service Control Engine (SCE) is a network component and it is used for stateful deep packet inspection, bandwidth optimization, session-based classification and control of network traffic . The following vulnerabilities have been reported in the SCE which could be exploited by remote attacker to bring a DoS condition or reload the device.
1. SSH Login Vulnerability (CVE-2008-0534)
Cisco Service Control Engine (SCE) versions prior to 3.1.6 contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability. This vulnerability is due to an error that occurs during repeated SSH login attempts that take place in very short intervals. These operations could allow an unauthenticated, remote attacker to cause system instability or cause the SCE to reload. If the SSH server is called repeatedly, certain SSH processes may be temporarily unavailable. An exploit could result in a DoS condition.
2. SSH Login with concurrent management task Vulnerability
(CVE-2008-0536)
Cisco Service Control Engine (SCE) versions prior to 3.0.7 and 3.1.0 contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability exists due to errors in processing SSH login requests combined with other management operations. The processing of normal SSH logins while processing other management requests may trigger an illegal I/O operation. This error may cause the SCE management agent to become unresponsive, resulting in a DoS condition.
3. SSH Authentication sequence anomaly (CVE-2008-0535)
Cisco Service Control Engine (SCE) versions prior to 3.1.6 contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to errors in processing SSH logins. An error may occur when the affected application processes a SSH login that attempts to change the SSH authentication method. The resulting error may cause the affected system to become unstable, causing it to reload and resulting in a DoS condition
Solution
Apply appropriate fixed versions as mentioned in CISCO Security Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20080521-sce.shtml
Vendor Information
Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20080521-sce.shtml
References
AusCERT
www.auscert.org.au/render.html?it=9325
SecurityTracker
http://securitytracker.com/alerts/2008/May/1020074.html
Secunia
http://secunia.com/advisories/30316/
CVE-Name
CVE-2008-0534
CVE-2008-0536
CVE-2008-0535
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
