Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability

Fabricante: CISCO
Fecha: 19/02/2014
Identificador: cisco-sa-20140219-fwsm
Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability Advisory ID: cisco-sa-20140219-fwsm Revision 1.0 For Public Release 2014 February 19 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Cisco Firewall Services Module (FWSM) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to a race condition when releasing the memory allocated by the cut-through proxy function. An attacker could exploit this vulnerability by sending traffic to match the condition that triggers cut-through proxy authentication. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate the vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-fwsm -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iF4EAREKAAYFAlMEtNcACgkQUddfH3/BbTqQ+wD+NFmMxteh3LtLTfRu/MLP3fUd 1JUZsmYsfWURrVRYKWIA/jCIeNeOrEZk3+us7+gkLQ0m8CPFzYtwmJv0WAuUz4nL =CKL7 -----END PGP SIGNATURE-----