Cisco Firewall Services Module拒绝服务漏洞(CVE-2013-5508)
Cisco Firewall Services Module拒绝服务漏洞(CVE-2013-5508)
发布日期:2013-10-09
更新日期:2013-10-12
受影响系统:
Cisco Firewall Services Module 4.x
Cisco Firewall Services Module 3.x
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 62912
CVE(CAN) ID: CVE-2013-5508
CISCO FWSM是CISCO设备上的防火墙服务模块。
Cisco Firewall Services Module的SQL*Net监测引擎存在安全漏洞,可使未经身份验证的远程攻击者造成受影响设备重新加载。此漏洞源于对碎片TNS数据包的不正确处理。
<*来源:Cisco
链接:http://www.securelist.com/en/advisories/55236
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-fwsm
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20131009-fwsm)以及相应补丁:
cisco-sa-20131009-fwsm:Multiple Vulnerabilities in Cisco Firewall Services Module Software
链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-fwsm
评论暂时关闭