Vulnerabilidades Cisco Crypto e SSL (Pix, IOS, Call Manager) PDF Imprimir
Categoria: Alertas
quarta, 23 maio 2007 12:27
Sistemas Operativos Implicados: Cisco IOS
Aplicações Implicadas: Indefinido

Dois avisos de vulnerabilidades, que afectam produtos que utilizem bibliotecas criptográficas e ainda que utilizem o protocolo SSL, foram anunciadas pela Cisco. Estas vulnerabilidades podem originar um ataque DoS aos produtos que as possuem.

I. Descrição

1) A vulnerability has been discovered in a third party cryptographic library which is used by a number of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation One (ASN.1) object is parsed. Due to the nature of the vulnerability it may be possible, in some cases, to trigger this vulnerability without a valid certificate or valid application-layer credentials (such as a valid username or password).

The vulnerable cryptographic library is used in the following Cisco products: Cisco IOS
• Cisco IOS XR
• Cisco PIX and ASA Security Appliances (only 7.x releases are affected)
• Cisco Firewall Service Module (FWSM), all releases prior 2.3(5) and 3.1(6) are affected
• Cisco Unified CallManager

2) Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.

Cisco IOS is affected by the following vulnerabilities:
• Hyper Text Transfer Protocol over SSL (HTTPS). This is the most commonly used protocol that employs SSL.
• Cisco Network Security (CNS) Agent with SSL support
• Firewall Support of HTTPS Authentication Proxy
• Cisco IOS Clientless SSL VPN (WebVPN) support

Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker to decrypt any previously encrypted information.


II. Solução

Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.

A combined software table for Cisco IOS only is available at http://www.cisco.com/warp/public/707/cisco-sa-20070522-cry-bundle.shtml and can be used to choose a software release which fixes all security vulnerabilities published as of May 22, 2007.

III. Referências

Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml

Secunia:
http://secunia.com/advisories/25361/



Missão

O CERT.PT tem como missão contribuir para o esforço de cibersegurança nacional nomeadamente no tratamento e coordenação da resposta a incidentes, na produção de alertas e recomendações de segurança e na promoção de uma cultura de segurança em Portugal.

PT EN
Participe Incidente

Contactos

Av. do Brasil 101 
1700-066 Lisboa 
Portugal

Tel: +351 218440177 (9h30-12h30, 14h00-17h30; GMT)  
Fax: +351 218472167

email:

pgp: 342A 17BA DF71 E193 6871 0357 8BDE A247 C523 AAE7

Filiação

FIRST
Acreditação Internacional
Membro da Rede Nacional CSIRTs

Feeds RSS

Alertas

Recomendações

Notícias