Credit:
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20100217-fwsm.shtml
Vulnerable Systems:
Cisco FWSM 4.X with SCCP inspection enabled
Cisco ASA 5500 Series Adaptive Security Appliances
The Cisco FWSM is affected by a vulnerability that may cause the device to reload during the processing of a malformed SCCP message when SCCP inspection is enabled. This vulnerability is only triggered by transit traffic; traffic that is destined to the device does not trigger this vulnerability.
This issue is documented in Cisco bug ID CSCtb60485.
Patch Availability:
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
Fixed Cisco FWSM Software can be downloaded from the Software Center on Cisco.com by visiting http://www.cisco.com/cisco/web/download/index.html and navigating to "Security > Cisco Catalyst 6500 Series Firewall Services Module > Firewall Services Module (FWSM) Software".
Workaround:
If SCCP inspection is not required, this vulnerability can be mitigated by disabling it. Administrators can disable SCCP inspection by issuing the "no inspect skinny" command in class configuration sub-mode within the policy map configuration. If SCCP inspection is required, there are no workarounds.
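To confirm where the workaround applies, the following added example (not part of the Cisco advisory) scans a saved configuration for policy-map classes that still have "inspect skinny" active. It assumes the configuration was exported as text with the usual one-space-per-level indentation; the hostname, policy and class names in the sample are constructed, and the function name is hypothetical.

```python
import re

# Constructed sample of an exported configuration; all names are illustrative.
# voice_policy includes a later negation to show that "no inspect skinny" is honoured.
SAMPLE_CONFIG = """\
hostname fwsm-lab
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect skinny
  inspect sip
policy-map voice_policy
 class voice_class
  inspect skinny
  no inspect skinny
 class data_class
  inspect http
service-policy global_policy global
"""

def find_skinny_inspection(config_text):
    """Return sorted (policy-map, class) pairs where 'inspect skinny' is active."""
    active = set()
    policy = cls = None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blank lines and comment separators
        if not line.startswith(" "):
            # A top-level command opens a policy-map block or ends the current one.
            m = re.match(r"policy-map\s+(\S+)$", line)
            policy, cls = (m.group(1) if m else None), None
            continue
        if policy is None:
            continue  # indented line under some other block (e.g. class-map)
        words = line.split()
        if words[0] == "class" and len(words) == 2:
            cls = words[1]
        elif cls and words[:2] == ["inspect", "skinny"]:
            active.add((policy, cls))
        elif cls and words[:3] == ["no", "inspect", "skinny"]:
            active.discard((policy, cls))
    return sorted(active)

if __name__ == "__main__":
    for policy, cls in find_skinny_inspection(SAMPLE_CONFIG):
        print(f"SCCP inspection enabled: policy-map {policy}, class {cls}")
```

Each reported pair is a place where "no inspect skinny" would be entered if SCCP inspection is not required.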
CVE Information:
CVE-2010-0151
Disclosure Timeline:
Release Date: 2010-02-17