Cisco IOS Firewall Authentication Proxy configuration buffer overflow

cisco-ios-authentication-proxy-bo (22174) The risk level is classified as MediumMedium Risk

Description:

Cisco IOS is vulnerable to a buffer overflow when processing the user authentication credentials. If the Firewall Authentication Proxy for FTP or Telnet sessions has been enabled, a remote attacker could complete a TCP connection to the IOS device to receive an auth-proxy authentication prompt. This would allow the attacker to execute arbitrary code on the system or possibly cause a reload of the device, resulting in a denial of service.


Consequences:

Gain Access

Remedy:

Upgrade to the latest fixed Cisco IOS version, as listed in Cisco Security Advisory 2005 September 7 1600 UTC (GMT). See References.

References:

  • CIAC INFORMATION BULLETIN P-300: Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Vulnerability.
  • Cisco Security Advisory 2005 September 7 1600 UTC (GMT): Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow.
  • BID-14770: Cisco IOS Firewall Authentication Proxy Buffer Overflow Vulnerability
  • CVE-2005-2841: Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
  • US-CERT VU#236045: Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials
  • VUPEN/ADV-2005-1669: Cisco IOS Firewall Authentication Proxy Buffer Overflow Vulnerability

Platforms Affected:

  • Cisco IOS 12.2ZH
  • Cisco IOS 12.2ZL
  • Cisco IOS 12.3
  • Cisco IOS 12.3B
  • Cisco IOS 12.3BC
  • Cisco IOS 12.3BW
  • Cisco IOS 12.3JA
  • Cisco IOS 12.3JK
  • Cisco IOS 12.3T
  • Cisco IOS 12.3XA
  • Cisco IOS 12.3XB
  • Cisco IOS 12.3XC
  • Cisco IOS 12.3XD
  • Cisco IOS 12.3XE
  • Cisco IOS 12.3XF
  • Cisco IOS 12.3XG
  • Cisco IOS 12.3XH
  • Cisco IOS 12.3XI
  • Cisco IOS 12.3XJ
  • Cisco IOS 12.3XK
  • Cisco IOS 12.3XL
  • Cisco IOS 12.3XM
  • Cisco IOS 12.3XQ
  • Cisco IOS 12.3XR
  • Cisco IOS 12.3XS
  • Cisco IOS 12.3XU
  • Cisco IOS 12.3XW
  • Cisco IOS 12.3XY
  • Cisco IOS 12.3YA
  • Cisco IOS 12.3YD
  • Cisco IOS 12.3YS
  • Cisco IOS 12.3YT
  • Cisco IOS 12.3YU
  • Cisco IOS 12.3YW
  • Cisco IOS 12.4MR
  • Cisco IOS 12.4T

Reported:

Sep 07, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page