Vulnerabilities > CVE-2014-0710 - Race Condition vulnerability in Cisco Firewall Services Module Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leveraging Race Conditions This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
- Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.
Nessus
NASL family | CISCO |
NASL id | CISCO-SA-20140219-FWSM.NASL |
description | The remote Cisco Firewall Services Module (FWSM) device is affected by a denial of service (DoS) vulnerability due to a flaw in the cut-through proxy function. A remote, unauthenticated attacker could potentially exploit this vulnerability to cause a reload of the affected system, with repeated exploitation leading to a DoS condition. |
last seen | 2019-10-28 |
modified | 2014-02-24 |
plugin id | 72668 |
published | 2014-02-24 |
reporter | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/72668 |
title | Cisco Firewall Services Module Software Denial of Service (cisco-sa-20140219-fwsm) |
code |
|
Seebug
bulletinFamily | exploit |
description | Bugtraq ID:65662 CVE ID:CVE-2014-0710 Cisco Firewall Services Module是一款多个cisco产品上使用的防火墙服务模块。 Cisco Catalyst 6500 Series Switches和Cisco 7600 Series Routers上的Cisco FWSM软件所包含的cut-through代理功能在释放内存时存在竞争条件错误,允许远程攻击者发送特殊的能触发cut-through代理验证条件的通信,可使受影响设备重载,造成拒绝服务攻击。 0 Cisco Firewall Services Module Cisco Catalyst 6500 Series Switches Cisco 7600 Series Routers 厂商补丁: Cisco ----- Cisco Firewall Services Module 3.1(21), 3.2(21), 4.0(16)和4.1(6)已经修复该漏洞,建议用户下载更新: http://www.cisco.com/public/sw-center/ |
id | SSV:61510 |
last seen | 2017-11-19 |
modified | 2014-02-21 |
published | 2014-02-21 |
reporter | Root |
title | Cisco Firewall Services模块Cut-Through Proxy远程拒绝服务漏洞 |