• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco Firewall Services Module Multiple DoS and ACL Corruption Vulnerabilities

Cisco Firewall Services Module (FWSM) is prone to multiple denial-of-service vulnerabilities and a vulnerability that could let attackers corrupt ACLs (access control lists).

Three vulnerabilities were reported in total:

1. Specially crafted HTTPS may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service.

2. Specially crafted MGCP packets may cause the FWSM to reload. If exploited repeatedly, this could cause a persistent denial of service.

3. Manipulating Access Control Entries (ACE) in the ACL via the command line or ASDM (Adaptive Security Device Manager) may inadvertently cause them to not be evaluated. This will corrupt ACLs.