Skip to site navigation (Press enter)

[OSL | CCIE_RS] To all you Cisco Guys / Girls that are interested!

Adrian Brayton Wed, 09 Sep 2009 04:53:40 -0700

Cisco Security Advisory: TCP State Manipulation Denial of ServiceVulnerabilities in Multiple Cisco Products


Document ID: 109444


Advisory ID: cisco-sa-20090908-tcp24

http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml

Revision 1.0

For Public Release 2009 September 8 1700 UTC (GMT)

Please provide your feedback on this document.

Summary

Multiple Cisco products are affected by denial of service (DoS)vulnerabilities that manipulate the state of Transmission ControlProtocol (TCP) connections. By manipulating the state of a TCPconnection, an attacker could force the TCP connection to remain in along-lived state, possibly indefinitely. If enough TCP connections areforced into a long-lived or indefinite state, resources on a systemunder attack may be consumed, preventing new TCP connections frombeing accepted. In some cases, a system reboot may be necessary torecover normal system operation. To exploit these vulnerabilities, anattacker must be able to complete a TCP three-way handshake with avulnerable system.

In addition to these vulnerabilities, Cisco Nexus 5000 devices containa TCP DoS vulnerability that may result in a system crash. Thisadditional vulnerability was found as a result of testing the TCPstate manipulation vulnerabilities.

Cisco has released free software updates for download from the Ciscowebsite that address these vulnerabilities. Workarounds that mitigatethese vulnerabilities are available.



Affected 12.4-Based Releases

First Fixed Release

Recommended Release

12.4

12.4(18d)

12.4(23a)

12.4(25)

12.4(25b)

12.4(23b)

12.4GC

12.4(22)GC1

12.4(24)GC1

12.4(24)GC1

12.4JA

12.4(16b)JA1

12.4(21a)JA


12.4JDA

12.4(10b)JDA3


12.4JDC

12.4(10b)JDC


12.4JDD

12.4(10b)JDD


12.4JK

12.4(3)JK4


12.4JL

12.4(3)JL1


12.4JMA

Vulnerable; Contact your support organization per the instructions inObtaining Fixed Software section of this advisory



12.4JMB

Vulnerable; Contact your support organization per the instructions inObtaining Fixed Software section of this advisory



12.4JX

12.4(21a)JX


12.4MD

12.4(11)MD7

12.4(15)MD2

12.4(22)MD

12.4(11)MD9

12.4(15)MD3

12.4(22)MD1

12.4MDA

12.4(22)MDA

12.4(22)MDA1

12.4MR

12.4(19)MR2

12.4(19)MR3

12.4SW

12.4(15)SW3

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4T

12.4(5)T5e

12.4(15)T6a

12.4(22)T1

12.4(20)T2

12.4(24)T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XA

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XB

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XC

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XD

12.4(4)XD12

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XE

12.4(6)XE4

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XF

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XG

12.4(9)XG4

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XJ

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XK

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XL

12.4(15)XL4


12.4XM

12.4(15)XM3

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XN

Vulnerable; Contact your support organization per the instructions inObtaining Fixed Software section of this advisory



12.4XP

Vulnerable; Contact your support organization per the instructions inObtaining Fixed Software section of this advisory



12.4XQ

12.4(15)XQ2

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XR

12.4(15)XR4

12.4(22)XR

12.4(15)XR7

12.4XT

Vulnerable; first fixed in 12.4T

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XV

Vulnerable; Contact your support organization per the instructions inObtaining Fixed Software section of this advisory



12.4XW

12.4(11)XW10

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XY

12.4(15)XY4

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4XZ

12.4(15)XZ2

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4YA

12.4(20)YA2

12.4(15)T10

12.4(20)T4

12.4(22)T3

12.4(24)T2; Available on 23-OCT-2009

12.4YB

12.4(22)YB

12.4(22)YB4

12.4YD

12.4(22)YD

12.4(22)YD1

12.4YE

12.4(22)YE

12.4(22)YE1

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com