Cisco Wide Area Application Services (WAAS) Edge Services denial of service
cisco-waas-edgeservice-dos (35477)
Description:
Cisco Wide Area Application Services (WAAS), when running with Edge Services using CIFS optimization, is vulnerable to a denial of service. By flooding ports 139 and 445 with TCP SYN requests, a remote attacker could exploit this vulnerability to cause an affected device to become unresponsive.
Platforms Affected:
- Cisco, Wide Area Application Engine
- Cisco, Wide Area Application Engine NM-WAE-502
- Cisco, Wide Area Application Services 4.0.7
- Cisco, Wide Area Application Services 4.0.9
Remedy:
Refer to cisco-sa-20070718-waas for patch, upgrade, or suggested workaround information. See References.
Consequences:
Denial of Service
References:
- cisco-sa-20070718-waas, Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software at http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml.
- BID-24956: Cisco Wide Area Application Services CIFS Remote Denial of Service Vulnerability
- CVE-2007-3923: The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445.
- OSVDB ID: 36120: Cisco Wide Area Application Services (WAAS) Edge Services CIFS Optimisation SYN Flood DoS
- SA26122: Cisco Wide Area Application Services Edge Services SYN Flood Denial of Service
- SECTRACK ID: 1018416: Cisco Wide Area Application Services Lets Remote Users Deny Service
- VUPEN/ADV-2007-2572: Cisco Wide Area Application Services TCP SYN Flood Denial of Service Vulnerability
Reported:
Jul 18, 2007
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
