Multiple Vulnerabilities in Cisco Firewall Services Module (FWSM)

Reported December 15, 2003 by Cisco.





  • Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers




Two vulnerabilities in the Cisco Firewall Services Module (FWSM) can result in a Denial of Service (DoS) condition on the vulnerable system. These two vulnerabilities are as follows:


  • The FWSM might crash and reload because of a buffer-overflow vulnerability while processing HTTP traffic requests for authentication using TACACS+ or RADIUS. This request is initiated when a user starts a connection through FTP, Telnet, or the Internet (HTTP) and is prompted for his or her username and password. If the designated TACACS+ or RADIUS authentication server verifies the username and password, the FWSM will permit further traffic between the authentication server and the connection to interact independently through the FWSM's "cut-through proxy" feature.

  • The Cisco FWSM crashes and reloads while processing a received SNMPv3 message when snmp-server host <ip_addr> is configured on the FWSM. This problem occurs even though the FWSM doesn't support SNMPv3.




Cisco has released a security bulletin concerning these vulnerabilities and recommends that affected customers obtain the patch available through normal support channels.
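
To check whether a saved FWSM configuration meets either condition described above, the following added example (not from Cisco or from the original report) scans the configuration text for both. The function name, the sample configuration and the PIX-style `aaa-server` / `aaa authentication include|match` command syntax are assumptions; only `snmp-server host` appears in the report itself.

```python
# Added example: flag the two exposure conditions in a saved FWSM config.
# Assumption: PIX-style "aaa-server" / "aaa authentication" command syntax.

# Constructed sample configuration (documentation addresses, made-up names).
SAMPLE_CONFIG = """\
hostname fwsm-lab
aaa-server AUTHSRV protocol tacacs+
aaa-server AUTHSRV (inside) host 192.0.2.10 examplekey timeout 10
aaa authentication include http inside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 AUTHSRV
aaa authentication include telnet inside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 AUTHSRV
snmp-server community examplecommunity
snmp-server host inside 192.0.2.20
"""


def audit_fwsm_config(text):
    """Return config lines matching either condition from the advisory."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]

    # Server groups that speak TACACS+ or RADIUS.
    remote_groups = set()
    for ln in lines:
        tok = ln.split()
        if (len(tok) == 4 and tok[0] == "aaa-server" and tok[2] == "protocol"
                and tok[3].lower() in ("tacacs+", "radius")):
            remote_groups.add(tok[1])

    findings = {"aaa_http_auth": [], "snmp_host": []}
    for ln in lines:
        tok = ln.split()
        # Condition 2: any "snmp-server host" entry.
        if tok[:2] == ["snmp-server", "host"] and len(tok) > 2:
            findings["snmp_host"].append(ln)
        # Condition 1: user authentication against a TACACS+/RADIUS group.
        # "include http|any" covers HTTP; "match <acl>" is flagged for manual
        # review because the ACL contents are not inspected here.
        if tok[:2] == ["aaa", "authentication"] and len(tok) >= 5:
            kind, what, group = tok[2], tok[3].lower(), tok[-1]
            covers_http = kind == "match" or (kind == "include" and what in ("http", "any"))
            if covers_http and group in remote_groups:
                findings["aaa_http_auth"].append(ln)
    return findings


if __name__ == "__main__":
    for condition, hits in audit_fwsm_config(SAMPLE_CONFIG).items():
        for hit in hits:
            print(f"{condition}: {hit}")
```

A hit only shows that the configuration condition is present; whether the module is still vulnerable depends on the software release it runs.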




Discovered by Cisco.
