Credit:
The information has been provided by Cisco PSIRT.
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20090624-gateway.shtml
Vulnerable Systems:
* Cisco Physical Access Gateway version 1.0
Immune Systems:
* Cisco Physical Access Gateway version 1.1
The Cisco Physical Access Gateway is the primary means for the Cisco Physical Access Control solution to connect door hardware, such as locks and readers, to an IP network. Certain crafted TCP port 443 packets may cause a memory leak that could lead to a denial of service (DoS) condition in the Cisco Physical Access Gateway. A TCP three-way handshake is needed to exploit this vulnerability.
Successful exploitation of the vulnerability described in this document may result in a memory leak. The issue could be repeatedly exploited to cause an extended DoS condition. Connected door hardware, such as card readers, locks, and other input/output devices, will function intermittently during extended DoS exploitation. Doors will remain open or locked depending on the gateway's configuration.
Workaround:
No workarounds are available; however, mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory, which is available at the following link:
http://www.cisco.com/warp/public/707/cisco-amb-20090624-gateway.shtml
CVE Information:
CVE-2009-1163