DoS vulnerability in Cisco Firewall Services Module
Cisco has announced a vulnerability in its Firewall Services Module (FWSM) that can be exploited remotely to trigger a module reload. The FWSM is used in Catalyst 6500 series switches and 7600 series routers. The problem occurs during Layer 7 data filtering. According to Cisco, no intentional exploits have been observed so far. However, Cisco has observed data streams that appear to trigger this vulnerability unintentionally.
The affected software is version 3.2(3). The problem is said to have been fixed in version 3.2(4), which is scheduled for release at the end of the month. As a workaround, the vendor suggests deactivating the "TCP Normalizing" option on the FWSM. The original security advisory contains instructions on how to do this.
- Application Inspection Vulnerability in Cisco Firewall Services Module, Cisco security advisory