In association with heise online

06 September 2007, 10:52

Vulnerabilities in Cisco equipment

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Network equipment supplier Cisco has published security advisories on vulnerabilities in its software for video surveillance systems and its Load Balancer modules. Remote attackers can gain access to Cisco's Video Surveillance IP Gateway with administrator rights. They can also provoke a denial of service in the Load Balancer Content Switching Module (CSM) module for Catalyst 6500 switches.

The Telnet server running on Cisco's Video Surveillance IP Gateway does not require any authentication for login. The Services Platform and the Integrated Services Platform (SP/ISP) are supplied with standard passwords for users sypixx and root. These two vulnerabilities allow attackers to gain complete administrative access, so they can, for example, watch, edit, and even delete surveillance videos. Version 1.8.1 and previous versions of Video Surveillance IP Gateway, version 1.1 1.8 and previous versions of Video Surveillance Decoder SP/ISP, and all versions of Video Surveillance SP/ISP up to and including 1.23.7 are affected.

The Content Switch module for Cisco's Catalyst 6500 fails to properly handle specially crafted network packets in an unusual sequence described only as "out of order" by the vendor. As a result, the CPU may run at 100 percent, and the device may reboot. The CSM-S with SSL support may also operate as an SSL terminal. If configured in this way, the device may also be vulnerable to a denial of service attack if the system is running under heavy load. The unit then ceases to respond to queries. Versions up to and excluding 4.2.3a of CSM and 2.1.2a of CSM-S are affected. The second vulnerability affects CSM version 4.2.7 and CSM-S 2.1.6 and previous versions.

Cisco has provided updated software for the devices affected. Administrators are advised to install the updates immediately.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit