Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2007-0774 to a friend New vulnerability? New tool? Tell us	CVE-2007-0774 Cisco Wireless Control System Tomcat mod_jk.so Vulnerability     Credit: The information has been provided by Cisco Systems Product Security Incident Response Team. The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20080130-wcs.shtml#@ID Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2007-0774 Details Check for CVE-2007-0774 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Products Cisco WCS devices running software 3.x and 4.0.x prior to 4.0.100.0 are affected by this vulnerability. Cisco WCS devices running software 4.1.x and 4.2.x prior to to version 4.2.62.0 are also vulnerable. Note: The version of WCS software installed on a particular device can be found via the WCS HTTP management interface. Select Help -> About the Software to obtain the software version. Details The Cisco Wireless Control System is a centralized, systems-level platform for managing and controlling lightweight access points, wireless LAN controllers, and Wireless Location Appliances for the Cisco Unified Wireless Network. The Cisco Wireless Control System uses Apache Tomcat. A vulnerability in Apache Tomcat may allow for remote code execution attacks. The mod_jk.so URI handler does not handle long URLs correctly. An insecure memory copy triggers an exploitable stack overflow. This vulnerability is documented in CVE-2007-0774 and in Cisco bug ID CSCsk18191 ( registered customers only) . Impact Successful exploitation of the vulnerability may result in remote code execution. Workarounds The following workarounds can be implemented. Transit ACLs (tACL) Filters that deny HTTPS packets using TCP port 443 should be deployed throughout the network as part of a tACL policy for protection of traffic which enters the network at ingress access points. This policy should be configured to protect the network device where the filter is applied and other devices behind it. Filters for HTTPS packets using TCP port 443 should also be deployed in front of vulnerable network devices so that traffic is only allowed from trusted clients. Additional information about tACLs is available in "Transit Access Control Lists: Filtering at Your Edge": http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml Additional Mitigation Techniques Additional mitigation techniques that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this advisory: http://www.cisco.com/warp/public/707/cisco-amb-20080130-wcs.shtml  Comments on CVE-2007-0774:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®