ISS X-Force Database: cisco-ios-finished-dos(34442): Multiple Cisco devices Finished SSL message denial of service

Multiple Cisco devices Finished SSL message denial of service

cisco-ios-finished-dos (34442)

Low Risk

Description:

Multiple Cisco devices running IOS are vulnerable to a denial of service attack caused by improper handling of "Finished" SSL messages. A remote attacker could send a specially-crafted "Finished" message to cause an affected device to crash.

Platforms Affected:

Cisco, IOS 12.0T
Cisco, IOS 12.0WC
Cisco, IOS 12.0XE
Cisco, IOS 12.0XH
Cisco, IOS 12.0XI
Cisco, IOS 12.0XK
Cisco, IOS 12.0XL
Cisco, IOS 12.0XN
Cisco, IOS 12.0XQ
Cisco, IOS 12.0XR
Cisco, IOS 12.0XV
Cisco, IOS 12.1
Cisco, IOS 12.1AY
Cisco, IOS 12.1CX
Cisco, IOS 12.1E
Cisco, IOS 12.1EA
Cisco, IOS 12.1EB
Cisco, IOS 12.1EC
Cisco, IOS 12.1EW
Cisco, IOS 12.1EX
Cisco, IOS 12.1EY
Cisco, IOS 12.1T
Cisco, IOS 12.1XC
Cisco, IOS 12.1XD
Cisco, IOS 12.1XF
Cisco, IOS 12.1XG
Cisco, IOS 12.1XH
Cisco, IOS 12.1XI
Cisco, IOS 12.1XJ
Cisco, IOS 12.1XL
Cisco, IOS 12.1XM
Cisco, IOS 12.1XP
Cisco, IOS 12.1XQ
Cisco, IOS 12.1XT
Cisco, IOS 12.1XU
Cisco, IOS 12.1YB
Cisco, IOS 12.1YC
Cisco, IOS 12.1YD
Cisco, IOS 12.1YE
Cisco, IOS 12.1YF
Cisco, IOS 12.1YI
Cisco, IOS 12.2
Cisco, IOS 12.21XA
Cisco, IOS 12.21XB
Cisco, IOS 12.2B
Cisco, IOS 12.2BC
Cisco, IOS 12.2BW
Cisco, IOS 12.2BY
Cisco, IOS 12.2BZ
Cisco, IOS 12.2CX
Cisco, IOS 12.2CY
Cisco, IOS 12.2CZ
Cisco, IOS 12.2DD
Cisco, IOS 12.2EW
Cisco, IOS 12.2EWA
Cisco, IOS 12.2EX
Cisco, IOS 12.2EY
Cisco, IOS 12.2EZ
Cisco, IOS 12.2FX
Cisco, IOS 12.2FZ
Cisco, IOS 12.2JA
Cisco, IOS 12.2JK
Cisco, IOS 12.2S
Cisco, IOS 12.2SB
Cisco, IOS 12.2SBC
Cisco, IOS 12.2SE
Cisco, IOS 12.2SEA
Cisco, IOS 12.2SEB
Cisco, IOS 12.2SEC
Cisco, IOS 12.2SED
Cisco, IOS 12.2SEE
Cisco, IOS 12.2SEF
Cisco, IOS 12.2SEG
Cisco, IOS 12.2SG
Cisco, IOS 12.2SGA
Cisco, IOS 12.2SRA
Cisco, IOS 12.2SU
Cisco, IOS 12.2SV
Cisco, IOS 12.2SW
Cisco, IOS 12.2SX
Cisco, IOS 12.2SXA
Cisco, IOS 12.2SXB
Cisco, IOS 12.2SXD
Cisco, IOS 12.2SXE
Cisco, IOS 12.2SXF
Cisco, IOS 12.2SY
Cisco, IOS 12.2T
Cisco, IOS 12.2TPC
Cisco, IOS 12.2XA
Cisco, IOS 12.2XB
Cisco, IOS 12.2XD
Cisco, IOS 12.2XE
Cisco, IOS 12.2XF
Cisco, IOS 12.2XG
Cisco, IOS 12.2XH
Cisco, IOS 12.2XI
Cisco, IOS 12.2XJ
Cisco, IOS 12.2XK
Cisco, IOS 12.2XL
Cisco, IOS 12.2XM
Cisco, IOS 12.2XN
Cisco, IOS 12.2XQ
Cisco, IOS 12.2XR
Cisco, IOS 12.2XS
Cisco, IOS 12.2XT
Cisco, IOS 12.2XU
Cisco, IOS 12.2XV
Cisco, IOS 12.2XW
Cisco, IOS 12.2YA
Cisco, IOS 12.2YB
Cisco, IOS 12.2YC
Cisco, IOS 12.2YD
Cisco, IOS 12.2YE
Cisco, IOS 12.2YF
Cisco, IOS 12.2YJ
Cisco, IOS 12.2YL
Cisco, IOS 12.2YM
Cisco, IOS 12.2YN
Cisco, IOS 12.2YQ
Cisco, IOS 12.2YR
Cisco, IOS 12.2YU
Cisco, IOS 12.2YV
Cisco, IOS 12.2YW
Cisco, IOS 12.2YX
Cisco, IOS 12.2YY
Cisco, IOS 12.2YZ
Cisco, IOS 12.2ZA
Cisco, IOS 12.2ZB
Cisco, IOS 12.2ZD
Cisco, IOS 12.2ZE
Cisco, IOS 12.2ZF
Cisco, IOS 12.2ZH
Cisco, IOS 12.2ZJ
Cisco, IOS 12.2ZL
Cisco, IOS 12.2ZN
Cisco, IOS 12.2ZU
Cisco, IOS 12.2ZV
Cisco, IOS 12.2ZW
Cisco, IOS 12.2ZX
Cisco, IOS 12.3
Cisco, IOS 12.3B
Cisco, IOS 12.3BC
Cisco, IOS 12.3JA
Cisco, IOS 12.3JEA
Cisco, IOS 12.3JK
Cisco, IOS 12.3JX
Cisco, IOS 12.3T
Cisco, IOS 12.3TPC
Cisco, IOS 12.3XA
Cisco, IOS 12.3XB
Cisco, IOS 12.3XC
Cisco, IOS 12.3XD
Cisco, IOS 12.3XE
Cisco, IOS 12.3XF
Cisco, IOS 12.3XG
Cisco, IOS 12.3XH
Cisco, IOS 12.3XI
Cisco, IOS 12.3XJ
Cisco, IOS 12.3XK
Cisco, IOS 12.3XQ
Cisco, IOS 12.3XR
Cisco, IOS 12.3XS
Cisco, IOS 12.3XU
Cisco, IOS 12.3XW
Cisco, IOS 12.3XX
Cisco, IOS 12.3YA
Cisco, IOS 12.3YD
Cisco, IOS 12.3YF
Cisco, IOS 12.3YG
Cisco, IOS 12.3YH
Cisco, IOS 12.3YI
Cisco, IOS 12.3YK
Cisco, IOS 12.3YQ
Cisco, IOS 12.3YS
Cisco, IOS 12.3YT
Cisco, IOS 12.3YU
Cisco, IOS 12.3YX
Cisco, IOS 12.3YZ
Cisco, IOS 12.4
Cisco, IOS 12.4T
Cisco, IOS 12.4XA
Cisco, IOS 12.4XB
Cisco, IOS 12.4XC
Cisco, IOS 12.4XD
Cisco, IOS 12.4XE
Cisco, IOS 12.4XP
Cisco, IOS 12.4XT

Remedy:

Refer to cisco-sa-20070522-SSL for patch, upgrade, or suggested workaround information. See References.

Consequences:

Denial of Service

References:

cisco-sa-20070522-SSL, Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets at http://www.cisco.com/warp/public/707/cisco-sa-20070522-SSL.shtml .
BID-24097: Cisco IOS SSL Packets Multiple Denial Of Service Vulnerabilities
CVE-2007-2813: Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
OSVDB ID: 35339: Cisco IOS Malformed SSL Messages DoS
SA25361: Cisco IOS SSL Messages Denial of Service Vulnerabilities
SECTRACK ID: 1018094: Cisco IOS ClientHello, ChangeCipherSpec, and Finished SSL Messages Let Remote Users Deny Service
VUPEN/ADV-2007-1910: Cisco IOS Secure Sockets Layer Packets Processing Denial of Service Vulnerabilities

Reported:

May 22, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page