US-CERT: Broadcom NetXtreme network cards vulnerable
The US-CERT warns of a security hole in the firmware of certain Broadcom NetXtreme network cards. According to the relevant advisory, a buffer overflow can be triggered during the processing of Alert Standard Format (ASF) messages, which are exchanged when systems are managed remotely. The flaw allows attackers to take full control of the network interface and, for instance, disrupt or redirect network traffic. The security hole can only be exploited if remote management using the Remote Management and Control Protocol (RMCP) over the RMCP Security Extensions Protocol (RSP) has been enabled.
Broadcom say that the vulnerability affects models BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764 and BCM5787 with firmware up to and including v8.04, BCM57760 with firmware up to and including v8.07, and BCM5761 with firmware up to and including v220.127.116.11. NetXtreme chips are not often seen on desktop boards as they are used mainly in servers. As a workaround, the vendor recommends that users disable ASF or restrict the access to the 623/udp and 664/udp management ports to trusted IPs. Updating to the Broadcom NetXtreme 14.0 software release upgrades the firmware to a corrected version.