U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service

October 11, 2012 - 6:00am

PROBLEM:

Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service

PLATFORM:

Version(s): prior to 4.1(9)

ABSTRACT:

Several vulnerabilities were reported in Cisco Firewall Services Module.

REFERENCE LINKS:

Cisco Advisory ID: cisco-sa-20121010-fwsm
SecurityTracker Alert ID: 1027640
CVE-2012-4661
CVE-2012-4662
CVE-2012-4663

IMPACT ASSESSMENT:

High

Discussion:

A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to reload [CVE-2012-4661].

Cisco has assigned Cisco bug ID CSCtr27522 to this vulnerability.

A remote user can send specially crafted DCERPC data through the target device to cause the target device to reload [CVE-2012-4662, CVE-2012-4663].

Impact:

Successful exploitation of any of these vulnerabilities could cause an affected device to reload; repeated exploitation may result in a DoS condition. Successful exploitation of the DCERPC inspection buffer overflow vulnerability [CVE-2012-4661] may cause a stack overflow and permit the execution of arbitrary commands.

Solution:

The vendor has issued a fix: releases 4.1(9) and later are not affected.
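The following is an added example, not part of this advisory or of Cisco's own tooling. It checks whether a device is still exposed by combining the two facts the advisory gives: the software version (affected if prior to 4.1(9)) and whether the DCERPC inspection engine is actually applied through a service policy. The sample `show version` and `show running-config` text is constructed for illustration, so the exact wording an FWSM prints is an assumption.

```python
import re

# Constructed sample command output (not taken from the advisory).
SAMPLE_VERSION_OUTPUT = "FWSM Firewall Version 4.1(8)\n"
SAMPLE_RUNNING_CONFIG = """\
policy-map global_policy
 class inspection_default
  inspect dns
  inspect dcerpc
  inspect ftp
service-policy global_policy global
"""

# First fixed release per the advisory: versions prior to 4.1(9) are affected.
FIXED_VERSION = (4, 1, 9)


def parse_fwsm_version(show_version: str):
    """Return (major, minor, build) from a 'Version X.Y(Z)' string, or None."""
    m = re.search(r"Version\s+(\d+)\.(\d+)\((\d+)\)", show_version)
    return tuple(int(x) for x in m.groups()) if m else None


def dcerpc_inspection_enabled(running_config: str) -> bool:
    """True if 'inspect dcerpc' sits in a policy-map that a service-policy applies."""
    applied = set(re.findall(r"^service-policy\s+(\S+)", running_config, re.M))
    current = None  # name of the policy-map whose body we are inside
    for line in running_config.splitlines():
        m = re.match(r"^policy-map\s+(?:type\s+\S+\s+)?(\S+)", line)
        if m:
            current = m.group(1)
        elif line and not line[0].isspace():
            current = None  # any other top-level command ends the policy-map body
        elif current in applied and re.match(r"^\s+inspect\s+dcerpc\b", line):
            return True
    return False


def exposure(show_version: str, running_config: str) -> str:
    """Classify a device as fixed, vulnerable, or affected-but-inspection-off."""
    ver = parse_fwsm_version(show_version)
    if ver is None:
        return "unknown-version"
    if ver >= FIXED_VERSION:  # tuple comparison handles 4.1(10) > 4.1(9)
        return "fixed"
    if dcerpc_inspection_enabled(running_config):
        return "vulnerable"
    return "affected-version-inspection-off"
```

A device reported as "affected-version-inspection-off" still needs the upgrade; the DCERPC engine is simply not in the attack path until someone applies it.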
