Cisco's Wide Area Application Services vulnerable to DoS
Security vulnerabilities in Cisco's Wide Area Application Services (WAAS) can be exploited by attackers to crash affected systems. After a successful attack, restarting is the only way to restore operation of the equipment.
Cisco's Wide Area Application Services are intended to centralise the provision of databases and applications, for instance for company branch offices. Devices that run the software, such as Cisco's WAE appliances or the NM-WAE-502 service module, can crash if the Edge services and the Common Internet File System (CIFS) optimisation in the software are enabled. If an attacker sends a large number of TCP SYN packets to ports 139 or 445 on the device, it shuts down the service and no longer processes any network traffic. The device can only resume service after a system restart. Packets of this type can also originate from network inventory software.
The vulnerabilities affect WAAS software versions 4.0.7 and 4.0.9. Cisco has released version 4.0.11, in which all of these vulnerabilities have been fixed.
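As an added example (not from the article or from Cisco's advisory), the following Python counts bare TCP SYN records to ports 139 and 445 per destination in a sliding window and lists the sources behind each burst, so that a burst from known inventory software can be recognised. The log record format, the window and the threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

CIFS_PORTS = {139, 445}  # the two ports named in the article

def syn_bursts(lines, window=10.0, threshold=200):
    """Flag devices that receive more than `threshold` bare SYNs on tcp/139 or
    tcp/445 within `window` seconds. Both limits are assumed values to tune.
    Record format (assumed): '<epoch_seconds> <src> <dst> <dport> <tcp_flags>'."""
    recent = defaultdict(deque)  # dst -> (ts, src) pairs still inside the window
    alerts = {}                  # dst -> {"peak": int, "sources": set}
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, dport, flags = line.split()
        if int(dport) not in CIFS_PORTS or flags != "S":
            continue  # count only connection attempts, not SYN/ACK replies
        ts = float(ts)
        q = recent[dst]
        q.append((ts, src))
        while ts - q[0][0] > window:  # drop records older than the window
            q.popleft()
        if len(q) > threshold:
            hit = alerts.setdefault(dst, {"peak": 0, "sources": set()})
            hit["peak"] = max(hit["peak"], len(q))
            hit["sources"].update(s for _, s in q)
    return alerts

def sample_log():
    """Constructed records: ordinary clients plus one inventory-style sweep."""
    rows = [f"{1000 + 30 * i} 10.1.2.{i + 1} 10.1.1.10 445 S" for i in range(5)]
    rows += [f"{2000 + i * 0.01:.2f} 10.0.0.5 10.1.1.10 {139 if i % 2 else 445} S"
             for i in range(300)]
    rows += [f"{2001 + i} 10.1.2.9 10.1.1.20 445 S" for i in range(3)]
    rows.append("2002 10.1.1.10 10.1.2.9 445 SA")  # reply traffic, ignored
    return rows

if __name__ == "__main__":
    for dst, hit in syn_bursts(sample_log()).items():
        print(f"{dst}: {hit['peak']} SYNs in window from {sorted(hit['sources'])}")
```
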
- Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software, security advisory from Cisco