Thursday, September 08, 2005

Cisco Content Services Switches SSL Authentication Bypass Issue

Via FrSIRT.

FrSIRT Advisory : FrSIRT/ADV-2005-1680
CVE Reference : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-09-08

* Technical Description *

A vulnerability has been identified in Cisco Content Services Switches (CSS), which could be exploited by remote attackers to bypass the authentication mechanism and gain access to protected contents. This flaw is due to an error when SSL encryption is performed on the CSS and SSL clients do not appropriately renegotiate the SSL session, which could be exploited by remote attackers to bypass the server verification of the client certificate and access protected content.

Note : This vulnerability is only applicable to situations where SSL encryption is performed on the CSS and client authentication using SSL certificates is enabled.

* Affected Products *

Cisco CSS 11500 Series Content Services Switches with the CSS5-SSL-K9 SSL module
Cisco 11501 Content Services Switch with SSL (CSS11501S-K9)

* Solution *

Upgrade the affected software :
http://www.cisco.com/warp/public/707/cisco-sn-20050908-css.shtml#swv

* References *

http://www.frsirt.com/english/advisories/2005/1680
http://www.cisco.com/warp/public/707/cisco-sn-20050908-css.shtml

0 Comments:

Post a Comment

<< Home