lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20030801053519.GU1536@netsys.com>
From: len at netsys.com (Len Rose)
Subject: [psirt@...co.com: Cisco Security Notice: Data Leak in UDP Echo Service]

Odd that we didn't see this on the list, Cisco usually posts.

----- Forwarded message from Cisco Systems Product Security Incident Response Team <psirt@...co.com> -----

From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: cust-security-announce@...co.com
Cc: psirt@...co.com
Subject: Cisco Security Notice: Data Leak in UDP Echo Service
Date: Fri, 01 Aug 2003 00:45:08 +0200 (CET)
Message-id: <200308010045.cisco-sn-20030731-ios-udp-echo@...rt.cisco.com>
Prevent-NonDelivery-Report: 
Content-Return: Prohibited
Sender: owner-cust-security-announce@...co.com
Precedence: bulk
Reply-To: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
Status: RO
Content-Length: 1564
Lines: 58

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Data Leak in UDP Echo Service

Revision 1.0

Description
===========

If the udp-small-servers command is enabled, a Cisco IOSŪ software device may
reply to malformed udp echo packets with some of the contents stored in a
router's memory. By repeatedly sending malformed udp echo packets and capturing
the replies, an attacker can obtain portions of the data that is stored in a
router's memory.

Workarounds are available to mitigate the effects.

Fixed Software
==============

This vulnerability has been fixed by the Cisco Bug ID CSCdk77834. Below are the
first Cisco IOS software releases that are not affected by this vulnerability:

  * 12.0(3.2)
   
  * 12.0(3.3)S
   
  * 12.0(3.4)T
   
  * 12.0(3.6)W5(9.0.5)
   
12.1, 12.2, and 12.3-based images are not affected.

Workaround
==========

The workaround is to disable udp-small-services. The syntax for this command on
routers and switches running Cisco IOS software is as follows:

    no service udp-small-servers
      

The udp-small-servers command is disabled by default since Cisco IOS Software
Release 11.2(1).

It is always recommended to disable unnecessary services on routers and
switches. Refer to Improving Security on Cisco Routers
(http://www.cisco.com/warp/public/707/21.html#possibly_unnecessary) for more 
information on improving router security.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/KZn9ezGozzK2tZARAm88AKDDEOepms5pWBGS8+O2GSbJiBVWJwCgt1yh
4uQb39onkchAFo7TiLWfgdw=
=P/VN
-----END PGP SIGNATURE-----

----- End forwarded message -----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ