Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[psirt () cisco com: Cisco Security Notice: Data Leak in UDP Echo Service]

From: Len Rose <len () netsys com>
Date: Fri, 1 Aug 2003 01:35:19 -0400
Odd that we didn't see this on the list, Cisco usually posts.

----- Forwarded message from Cisco Systems Product Security Incident Response Team <psirt () cisco com> -----

From: Cisco Systems Product Security Incident Response Team <psirt () cisco com>
To: cust-security-announce () cisco com
Cc: psirt () cisco com
Subject: Cisco Security Notice: Data Leak in UDP Echo Service
Date: Fri, 01 Aug 2003 00:45:08 +0200 (CET)
Message-id: <200308010045.cisco-sn-20030731-ios-udp-echo () psirt cisco com>
Prevent-NonDelivery-Report: 
Content-Return: Prohibited
Sender: owner-cust-security-announce () cisco com
Precedence: bulk
Reply-To: Cisco Systems Product Security Incident Response Team <psirt () cisco com>
Status: RO
Content-Length: 1564
Lines: 58

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Data Leak in UDP Echo Service

Revision 1.0

Description
===========

If the udp-small-servers command is enabled, a Cisco IOS? software device may
reply to malformed udp echo packets with some of the contents stored in a
router's memory. By repeatedly sending malformed udp echo packets and capturing
the replies, an attacker can obtain portions of the data that is stored in a
router's memory.

Workarounds are available to mitigate the effects.

Fixed Software
==============

This vulnerability has been fixed by the Cisco Bug ID CSCdk77834. Below are the
first Cisco IOS software releases that are not affected by this vulnerability:

  * 12.0(3.2)
   
  * 12.0(3.3)S
   
  * 12.0(3.4)T
   
  * 12.0(3.6)W5(9.0.5)
   
12.1, 12.2, and 12.3-based images are not affected.

Workaround
==========

The workaround is to disable udp-small-services. The syntax for this command on
routers and switches running Cisco IOS software is as follows:

    no service udp-small-servers
      

The udp-small-servers command is disabled by default since Cisco IOS Software
Release 11.2(1).

It is always recommended to disable unnecessary services on routers and
switches. Refer to Improving Security on Cisco Routers
(http://www.cisco.com/warp/public/707/21.html#possibly_unnecessary) for more 
information on improving router security.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/KZn9ezGozzK2tZARAm88AKDDEOepms5pWBGS8+O2GSbJiBVWJwCgt1yh
4uQb39onkchAFo7TiLWfgdw=
=P/VN
-----END PGP SIGNATURE-----

----- End forwarded message -----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: