[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software
From: Cisco Systems Product Security Incident Response Team <psirt@xxxxxxxxx>
Date: Wed, 17 Jul 2013 12:06:42 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Advisory ID: cisco-sa-20130717-ips

Revision 1.0

For Public Release 2013 July 17 16:00  UTC (GMT)
+---------------------------------------------------------------------

Summary
=======

Cisco Intrusion Prevention System (IPS) Software is affected by the following 
vulnerabilities:

        Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability
        Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability
        Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability
        Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability

The Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability 
could allow an unauthenticated, remote attacker to cause the MainApp process to 
become unresponsive.

The Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability could 
allow an unauthenticated, remote attacker to cause the Analysis Engine process 
to become unresponsive due to memory corruption or could cause the reload of 
the affected system. 

The Cisco IPS NME Malformed IP Packets Denial of Service Vulnerability could 
allow an unauthenticated, remote attacker to cause a reload of a Cisco 
Intrusion Prevention System Network Module Enhanced (IPS NME).

The Cisco IDSM-2 Malformed TCP Packets Denial of Service Vulnerability could 
allow an unauthenticated, remote attacker to cause the kernel of the Cisco 
Catalyst 6500 Series Intrusion Detection System (IDSM-2) Module to become 
unresponsive.

Successful exploitation of any of these vulnerabilities could result in a 
denial of service (DoS) condition.

Cisco has released free software updates that address all the vulnerabilities 
in this advisory with the exception of the Cisco IDSM-2 Malformed TCP Packets 
Denial of Service Vulnerability. Customers running a vulnerable version of the 
Cisco IDSM-2 Module should refer to the "Workarounds" section of this advisory 
for available mitigations. 

Workarounds that mitigate the Cisco IPS Software Fragmented Traffic Denial of 
Service Vulnerability and Cisco IDSM-2 Malformed TCP Packets Denial of Service 
Vulnerability are available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlHmuDoACgkQUddfH3/BbTqVGgD9GUaZyGJh2MeFZcpsPu/IkyvC
xtlb3R3Sbmc/puaRP6UBAIsCRAdxcjhBriR9wdq5AZ44SdrytmlkJMWw5/+pvxhN
=3Yzq
-----END PGP SIGNATURE-----

Prev by Date: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
Next by Date: Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units
Previous by thread: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
Next by thread: [security bulletin] HPSBHF02888 rev.2 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution
Index(es):
- Date
- Thread