Cisco content gateway vulnerable

Gen 2 software has service bypass, DoS holes

Cisco this week issued a security advisory for its Content Services Gateway - Second Generation (CSG2), which runs on the Service and Application Module for IP. CSG2 provides policy management and billing based on deep-packet inspection for mobile data networks. 

CSG2 has a service bypass vulnerability that, under certain configurations, allows customers to access restricted sites or freely access sites for which they should be billed. This vulnerability only affects HTTP content traffic, the advisory states.

Also, Cisco IOS Software Release 12.4(24)MD1 on the CSG2 contains two vulnerabilities that can allow a remote, unauthenticated attacker to initiate a denial of service that prevents traffic from passing through the CSG2. These vulnerabilities require only a single content service to be active on the Cisco CSG2 and can be exploited via crafted TCP packets, the advisory states. A three-way handshake is not required to exploit either of these vulnerabilities.

Workarounds that mitigate these vulnerabilities are not available, the Cisco advisory states.

The service policy bypass vulnerability affects all versions of the Cisco IOS Software for the CSG2 prior to the first fixed release, which can be found in the "Software Versions and Fixes" section of the advisory. The two denial of service vulnerabilities only affect IOS Release 12.4(24)MD1.

Cisco says it has also released free software updates that address these vulnerabilities.

Cisco says some external blogs disclosed the service billing bypass vulnerability, but that it is not aware of any malicious use of the vulnerabilities in the advisory. The vulnerabilities were found through internal testing and customer support calls.
