
Cisco PIX SNMPv3 and VPNC Denial of Service Vulnerabilities

Dec 15, 2003 4:04AM PST

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Cisco PIX 6.x
Cisco PIX 5.x
Cisco PIX 4.x

DESCRIPTION:
Cisco has reported two vulnerabilities in the Cisco PIX firewall,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

An unspecified vulnerability can be exploited to crash and reload a
vulnerable device by sending specially crafted SNMPv3 messages to
it.

This affects versions:
6.3.1, 6.2.2 and earlier, 6.1.4 and earlier, 5.x.x and earlier.

It is possible to close IPSec tunnels established between a VPNC
configured PIX firewall and a VPN server by initiating an IKE Phase 1
negotiation to the outside interface of the VPNC configured
firewall.

This affects versions:
6.2.3 and earlier (6.1.x and 5.x.x are not affected).

SOLUTION:
Update to version 6.3.2, 6.2.3, or 6.1.5.

http://www.secunia.com/advisories/10434/
