A hole in Cisco's Firewall Services Module could result in a reload of the module, or if exploited repeatedly, could cause a sustained denial-of-service attack, warns the vendor. FWSM is an integrated firewall module for Cisco Catalyst 6500 switches and Cisco 7600 Series routers. In its security alert issued Wednesday, Cisco says there are "no known instances of intentional exploitation of this issue," but that it has "observed data streams that appear to be unintentionally triggering this vulnerability." According to the security advisory, the security hole could be "triggered with standard network traffic, which is passed through the Application Layer Protocol Inspection process."
The only FWSM release affected by this vulnerability is FWSM System Software version 3.2(3).
FWSM software version 3.2(4) contains the fixes for the vulnerability and will be available for download the week beginning Dec. 31 at this URL.
A workaround for this vulnerability can be found at the security advisory.
More Cisco Security Advisories
More Cisco Subnet items:
* Quiz: How much do you know about Cisco? Take our quiz and find out
* 7 Cisco bad luck happenings in '07
* Top 6 Cisco acquisitions of 2007; what it should buy in 2008
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
Network World's IT Buyer's Guide: Cisco products
Subscribe to Network World's Cisco Alert, which includes a weekly digest of all Cisco Subnet items
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
