Available Languages

Updated:December 10, 2011

Document ID:1454785203009889

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Cisco Security Advisory

Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability

Severity

Advisory ID:

cisco-sa-20040304-css

First Published:

2004 March 4 17:00 GMT

Version 1.1:

Final

Download CVRF

Summary

The CSS 11000 Series Content Services Switches are vulnerable to a Denial of Service (DoS) attack caused by malformed UDP packets received over the management port.

This vulnerability is documented as Cisco bug ID CSCed45747. There is no workaround available to mitigate the effects of this vulnerability. Cisco is providing fixed software, and customers are recommended to upgrade to it.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040304-css.

Affected Products

Vulnerable Products

The CSS 11000 Series Content Services Switches (formerly known as Arrowpoint) consist of the CSS 11050, CSS 11100, CSS 11150, and CSS 11800 hardware platforms. They run the Cisco WebNS software.

To determine your hardware model and software revision, type show chassis at the command line prompt.

WebNS Release Train	Affected Releases
5.0(x)	earlier than 05.0(04.07)S
6.10(x)	earlier than 06.10(02.05)S

Products Confirmed Not Vulnerable

For clarification, the CSS 11500 Series Content Services Switches consisting of 11501, 11503, and 11506 , the Cisco Global Site Selector (GSS) series switches, and the Content Switching Module (CSM) are not affected by this vulnerability.

No other Cisco products are currently known to be affected by this vulnerability.

Details

If malformed UDP packets are sent to UDP port 5002, the default port for app-udp, on the management port of the CSS 11000 Series Content Services Switch running Cisco WebNS release 5.0(x) and 6.10(x) release trains the switch may reload. This vulnerability exists even when the Network Proximity feature is not configured on the CSS 11000 Series Content Services Switch. Please refer to http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_610/advcggd/proximty.htm for more details on the Network Proximity feature.

Access to the management port of the CSS 11000 Series Content Services Switches is available solely through the physical management interface on the device; access via circuit VLANs is not implemented, and therefore the vulnerability can only be exploited through the management port.

This vulnerability is documented in the Cisco Bug Toolkit ( registered customers only) as Bug ID CSCed45747. Cisco WebNS release 7.10(x), 7.20(x), and 7.30(x) release trains have also had code changes but due to architectural differences they are not affected by this vulnerability.

The Internetworking Terms and Cisco Systems Acronyms online guides can be found at http://www.cisco.com/univercd/cc/td/doc/cisintwk/.

Workarounds

There is no workaround for this vulnerability. Customers may be able to mitigate the affects of the vulnerability by controlling access to the UDP port 5002 on the management port of the CSS 11000 Series Content Services Switch to allow access only from required network devices or by disallowing access if the Network Proximity feature is not configured.

The Cisco PSIRT recommends that affected users upgrade to a fixed software version of code.

Fixed Software

WebNS Release Train	Fixed Releases
5.0(x)	05.0(04.07)S and later
6.10(x)	06.10(02.05)S and later

The procedure to upgrade to a fixed software version is available under "Upgrading Your CSS Software" in the CSS Administration Guide (for version 6.x), or "Upgrading Your CSS Software" in the CSS Basic Configuration Guide (for version 5.x). The steps can be accessed online at http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_610/admgd/upgrade.htm.

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

This vulnerability was reported to Cisco PSIRT by Timothy Arnold.

Cisco Security Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Subscribe to Cisco Security Notifications

URL

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040304-css

Revision History

Revision 1.2	2005 February 2	Fixed broken link to the upgrade procedure document in the Software Versions and Fixes section.
Revision 1.1	2004 March 04	Added CSS 11100 to the affected products section.
Revision 1	2004 March 04	Initial Release.

Show Less

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.

Feedback

Leave additional feedback