- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Cisco is warning that a flaw in its Firewall Services Module could result in a reload of the module, or if exploited repeatedly, could result in a sustained denial-of-service attack.
FWSM is an integrated firewall module for Cisco Catalyst 6500 switches and Cisco 7600 Series routers.
In its security alert issued Wednesday, Cisco says there are "no known instances of intentional exploitation of this issue," but that it has "observed data streams that appear to be unintentionally triggering this vulnerability."
According to the security advisory, the security hole could be "triggered with standard network traffic, which is passed through the Application Layer Protocol Inspection process."
The only FWSM release affected by this vulnerability is FWSM System Software version 3.2(3).
FWSM software version 3.2(4) contains the fixes for the vulnerability and will be available for download the week beginning Dec. 31 at this URL.
A workaround for this vulnerability can be found at the security advisory.
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (1)
Cisco points to security flaw in its firewall moduleBy Cisco Subnet on December 19, 2007, 8:29 pmA hole in Cisco's Firewall Services Module could result in a reload of the module, or if exploited repeatedly, could cause a sustained denial-of-service attack,...
Reply | Read entire comment
View all comments