US-CERT
Vulnerability Notes Database

Vulnerability Note VU#236045

Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials

Overview

A buffer overflow vulnerability in Cisco IOS Firewall Authentication Proxy may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service.

I. Description

Cisco IOS Firewall Authentication Proxy is a feature that allows network administrators to apply security policies on a per-user basis. The Firewall Authentication Proxy for FTP and Telnet Sessions feature for Cisco IOS provides proxy authentication for FTP and Telnet services.

Cisco IOS is vulnerable to a buffer overflow when processing user authentication credentials from an Authentication Proxy Telnet or FTP session. According to the Cisco Security Advisory, the following versions of Cisco IOS are affected:

  • 12.2ZH and 12.2ZL based trains
  • 12.3 based trains
  • 12.3T based trains
  • 12.4 based trains
  • 12.4T based trains

II. Impact

A remote unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition on an affected system.

III. Solution

Apply a patch or upgrade

Please refer to the "Software Versions and Fixes" section of the Cisco Security Advisory for more information on upgrading.

Disable Cisco IOS Firewall Authentication Proxy feature for Telnet/FTP sessions

Disabling the Cisco IOS Firewall Authentication Proxy feature for Telnet/FTP sessions is reported to prevent exploitation of this vulnerability. Please see the "Workarounds" section of the Cisco Security Advisory.
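
To find out whether a device is exposed before applying the workaround, the following added example (not part of the original note or of the Cisco advisory) audits a saved configuration for Authentication Proxy rules that cover FTP or Telnet and reports where they are applied. It assumes the IOS configuration syntax `ip auth-proxy name <rule> {ftp | http | telnet}` and the interface-level `ip auth-proxy <rule>`; the rule names, interfaces and version string are constructed sample data, and matching train families by prefix is a conservative assumption.

```python
import re

# Prefix matching on the train families named in the note is a conservative
# assumption; the fixed releases are listed only in the Cisco advisory.
VERSION_RE = re.compile(r"Version (\d+\.\d+)\(\d+[a-z]?\)([A-Z]*)")

def train_listed(show_version):
    """True if the running release belongs to a train family named in the note."""
    m = VERSION_RE.search(show_version)
    if not m:
        return False
    base, letters = m.groups()
    return base in ("12.3", "12.4") or (
        base == "12.2" and letters.startswith(("ZH", "ZL")))

def ftp_telnet_rules(config):
    """Map each auth-proxy rule covering FTP or Telnet to its protocols and
    the interfaces it is applied to (empty list = defined but not applied)."""
    rules, applied, iface = {}, {}, None
    for line in config.splitlines():
        if not line.startswith((" ", "\t")):
            # Top-level line: either opens an interface block or leaves one.
            m = re.match(r"interface (\S+)", line)
            iface = m.group(1) if m else None
            m = re.match(r"ip auth-proxy name (\S+) (ftp|http|telnet)\b", line)
            if m and m.group(2) != "http":
                rules.setdefault(m.group(1), []).append(m.group(2))
        elif iface:
            m = re.match(r"\s+ip auth-proxy (\S+)\s*$", line)
            if m:
                applied.setdefault(m.group(1), []).append(iface)
    return {n: {"protocols": p, "interfaces": applied.get(n, [])}
            for n, p in rules.items()}

# Constructed sample input, not taken from a real device.
SAMPLE_VERSION = "Cisco IOS Software, Version 12.3(14)T2, RELEASE SOFTWARE (fc1)"
SAMPLE_CONFIG = """\
ip auth-proxy name PXY_ADMIN telnet
ip auth-proxy name PXY_ADMIN ftp
ip auth-proxy name PXY_WEB http
!
interface FastEthernet0/0
 ip auth-proxy PXY_ADMIN
!
interface FastEthernet0/1
 ip auth-proxy PXY_WEB
"""

if __name__ == "__main__":
    print("train named in note:", train_listed(SAMPLE_VERSION))
    for name, info in ftp_telnet_rules(SAMPLE_CONFIG).items():
        print(name, info)
```

A rule that appears in the result with a non-empty interface list on a release from a listed train is a candidate for the upgrade or the workaround above; HTTP-only rules are left out because the note concerns Telnet and FTP sessions.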

Systems Affected

Vendor                 Status       Date Notified   Date Updated
Cisco Systems, Inc.    Vulnerable   7-Sep-2005

References


http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/iosfw2/iosfw2_1.htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123_1/ftp_tel.htm
http://xforce.iss.net/xforce/xfdb/22174
http://www.securityfocus.com/bid/14770
http://secunia.com/advisories/16719

Credit

Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.

This document was written by Will Dormann, based on the Cisco Security Advisory.

Other Information

Date Public: 2005-09-07
Date First Published: 2005-09-07
Date Last Updated: 2005-09-08
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Metric: 21.87
Document Revision: 12

Produced 2005 by US-CERT, a government organization