|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Another Cisco PIX Firewall Vulnerability
Brett Oliphant (Brett_M_Oliphant/Lafayette_Life
LLNOTES.LLIC.COM)Mon, 31 Aug 1998 07:47:42 -0500
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Wichert Akkerman: "Re: Buffer overflows in Minicom 1.80.1"
- Previous message: Don Lewis: "Re: FreeBSD's RST validation"
Overview:
Cisco's management software for the PIX Firewall does not perform
proper checking of urls. The compromise is any file on the management
server can be viewed with a web browser. This could lead to other more
educated attacks against the network.
Who is Affected?:
Any site that allows anybody to build a connection to port 8080 of the
PIX Firewall Management server. It is not uncommon for sites to have a
conduit open through the firewall to reach this box, for the purpose of
remote administration. I doubt this setup is recommended, but it does
happen.
Details of Exploit:
The exact details of the exploit will be withheld until Cisco releases
the official advisory, which should be in a few days.
Fix:
They have confirmed this bug to exist, yet have not informed me their
plan of attack. A simple temporary solution for this would be if a conduit
does exist from the outside world to the server - remove it. Secondly,
only run the Cisco Management service when you plan on doing configuration
changes. Which if you can, the second idea is not a bad one to live by
even after Cisco releases a fix.
Brett Oliphant
Manager - Corporate Computer Security
Lafayette Life Insurance Company
- Next message: Wichert Akkerman: "Re: Buffer overflows in Minicom 1.80.1"
- Previous message: Don Lewis: "Re: FreeBSD's RST validation"