Vulnerability: Multiple Vulnerabilities in Cisco Firewall Services Module
Severity: High
Patch: Yes
Number of vulnerabilities: 3
CVE ID: CVE-2012-4661, CVE-2012-4662, CVE-2012-4663
Impact: Denial of service, System Compromise
Affected Products: Cisco Firewall Services Module (FWSM) 4.x
Affected versions: Cisco Firewall Services Module versions prior to 4.1(9)
Description:
The vulnerabilities allow an attacker to cause a denial of service (DoS) and to execute arbitrary code on the target system.
1. The vulnerability is caused by improper handling of transit DCERPC traffic by the DCERPC inspection feature. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system. The vulnerability affects versions prior to 4.1(9).
2. The vulnerability is caused by improper handling of transit DCERPC traffic by the DCERPC inspection feature. A remote user can cause a device reset. The vulnerability affects versions prior to 4.1(7).
3. The vulnerability is caused by improper handling of transit DCERPC traffic by the DCERPC inspection feature. A remote user can cause a device reset. The vulnerability affects versions prior to 4.1(7).
Manufacturer URL: http://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_bulletin_c25-478751.html
Solution: Update to version 4.1(9), available from the manufacturer.
Links:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm