
Multiple Cisco products among those clobbered by OpenSSL flaw

By Edmund X. DeJesus, Contributing Writer
18 Mar 2004 | SearchSecurity.com


Cisco switches, routers and firewalls are vulnerable to attack due to a problem in OpenSSL that has other software vendors scrambling to cope. Failure to deal with the problem can leave systems open to remote denial of service (DoS).

Multiple products with HTTPS servers running OpenSSL are vulnerable to a remote DoS attack. OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for security and cryptographic applications.

A vulnerability in the do_change_cipher_spec function in OpenSSL (versions 0.9.6c through 0.9.6k, and 0.9.7a through 0.9.7c) allows a remote attacker to use a specially formed SSL/TLS handshake to force a null-pointer assignment that crashes or resets the hardware, causing a DoS.
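The following is an added example, not part of the original article: a Python triage check that classifies OpenSSL version banners against the affected ranges stated above. The host names and banners are constructed sample data, and a match is a triage signal only, since a vendor may ship a fix without changing the upstream version string.

```python
import re

# Inclusive ranges exactly as the article states them.
AFFECTED = [("0.9.6c", "0.9.6k"), ("0.9.7a", "0.9.7c")]

# Matches "OpenSSL 0.9.7c 30 Sep 2003" (output of `openssl version`) and
# "... OpenSSL/0.9.7c" (an HTTP Server header from a mod_ssl build).
_BANNER = re.compile(
    r"OpenSSL[ /](\d+\.\d+\.\d+[a-z]?)(-[A-Za-z0-9]+)?(?![A-Za-z0-9.])"
)
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]?)$")


def version_key(version):
    """Map '0.9.6c' to (0, 9, 6, 3); a missing letter sorts before 'a'."""
    major, minor, fix, letter = _VERSION.match(version).groups()
    patch = ord(letter) - ord("a") + 1 if letter else 0
    return (int(major), int(minor), int(fix), patch)


def classify(banner):
    """Return 'affected', 'not-affected' or 'unknown' for one banner."""
    m = _BANNER.search(banner)
    if m is None or m.group(2):
        # No parseable OpenSSL token, or a pre-release tag (-beta3, -dev)
        # that the article's ranges do not cover: send to manual review.
        return "unknown"
    key = version_key(m.group(1))
    for low, high in AFFECTED:
        if version_key(low) <= key <= version_key(high):
            return "affected"
    return "not-affected"


def triage(inventory):
    """Classify every host in a {host: banner} mapping."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = {
    "web01": "Apache/1.3.29 (Unix) mod_ssl/2.8.16 OpenSSL/0.9.6k",
    "web02": "OpenSSL 0.9.7d 17 Mar 2004",
    "mgmt01": "OpenSSL 0.9.7-beta3 30 Jul 2002",
    "proxy01": "Server: nginx",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE).items()):
        print(f"{host}: {verdict}")
```

Hosts reported as `unknown` or `affected` should be confirmed against the vendor's advisory for the specific product and release.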

The problem affects Cisco IOS, Cisco PIX, Cisco Firewall Services Module for the Cisco Catalyst, Cisco MDS Multilayer Switch, Cisco Content Service Switch, Cisco Global Site Selector, CiscoWorks Common Services, CiscoWorks Common Management Foundation and Cisco Access Registrar (see Cisco site for version details).

Devices that use Secure Shell (SSH) instead of OpenSSL for secure access aren't affected by this vulnerability.

Limited workarounds are possible, including restricting access to the HTTPS server and disabling the SSL server or service. Cisco has provided fixes for these problems.

Cisco isn't alone in dealing with the OpenSSL problem. Vendors including Debian, EnGarde, FreeBSD, Gentoo, Kerberos, Mandrake, Red Hat, Slackware and SuSE are all struggling to deal with its consequences.
