CERT-MU Vulnerability Note VN-2008-17

Cisco Global Site Selector DNS Request Denial of Service

Original Issue Date: January 15, 2009

Severity Rating: Medium

Systems Affected

Cisco GSS firmware versions prior to 3.0(1) are vulnerable on any of the following devices:

  • Cisco GSS 4480 Global Site Selector
  • Cisco GSS 4490 Global Site Selector
  • Cisco GSS 4491 Global Site Selector
  • Cisco GSS 4492R Global Site Selector

Overview

A vulnerability has been reported in the Cisco Global Site Selector (GSS) which could allow an attacker to crash the DNS service on the device and cause a denial of service (DoS) condition.

Description

The Cisco Application Control Engine Global Site Selector (GSS) allows customers to leverage global content deployment across multiple distributed and mirrored data locations, optimizing site selection, improving Domain Name System (DNS) responsiveness, and ensuring data center availability.

The GSS is inserted into the traditional DNS hierarchy and is closely integrated with the Cisco CSS, Cisco Content Switching Module (CSM), or third-party server load balancers (SLBs) to monitor the health and load of the SLBs in the customer's data centers. The GSS uses this information and user-specified routing algorithms to select the best-suited and least-loaded data center in real time.

A vulnerability exists in the GSS when processing a specific sequence of DNS requests. An exploit of the vulnerability may result in a crash of the DNS service on the GSS. Repeated attempts result in a DoS condition.

Workaround

A workaround for this vulnerability is to set the property "ServerConfig.dnsserver.returnError" to disabled (or zero). The property is enabled by default. The following example shows how to set it to disabled:

GSS#config terminal
GSS(config)#property set ServerConfig.dnsserver.returnError 0
GSS(config)#exit
GSS#write memory

Solution

Update to version 3.0(1) or later as suggested by the vendor:
http://www.cisco.com/pcgi-bin/tablebuild.pl/gss-3des?psrtdcat20e2
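
To find which devices still need the update or the workaround, an inventory can be checked against the affected models and the fixed release given in this note. The script below is an added example, not CERT-MU or Cisco code; the inventory format (host,model,version), the host names and the sample versions are constructed assumptions.

```python
import re

# Affected models and fixed release are taken from this note.
AFFECTED_MODELS = {"4480", "4490", "4491", "4492R"}
FIXED = (3, 0, 1)

# Release string of the form major.minor(maintenance), e.g. "2.0(3)".
# Anything after the closing parenthesis is ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\((\d+)\)")

def parse_version(text):
    """Return (major, minor, maintenance), or None if the string does not parse."""
    m = _VERSION_RE.match(text)
    return tuple(int(g) for g in m.groups()) if m else None

def normalize_model(model):
    """Reduce 'GSS 4492R' or 'Cisco GSS-4492R' to the bare model token '4492R'."""
    parts = re.sub(r"^(?:CISCO\s+)?GSS[\s-]*", "", model.strip().upper()).split()
    return parts[0] if parts else ""

def triage(model, version):
    """Classify a device: 'not-listed', 'unknown-version', 'affected' or 'fixed'."""
    if normalize_model(model) not in AFFECTED_MODELS:
        return "not-listed"
    parsed = parse_version(version)
    if parsed is None:
        return "unknown-version"  # needs a manual check on the device
    # Tuple comparison is numeric per field, so 2.0(10) sorts below 3.0(1).
    return "affected" if parsed < FIXED else "fixed"

# Constructed sample inventory: host,model,version
INVENTORY = """\
gss-dc1,GSS 4480,1.3(3)
gss-dc2,GSS 4492R,2.0(5)
gss-dc3,GSS 4491,3.0(1)
gss-lab,GSS 4490,3.1(0)
gss-old,GSS 4490,unknown
"""

def triage_inventory(text):
    """Map each host in the inventory text to its triage status."""
    results = {}
    for line in text.splitlines():
        if line.strip():
            host, model, version = (f.strip() for f in line.split(","))
            results[host] = triage(model, version)
    return results

if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as "affected" or "unknown-version" are the ones to upgrade or to protect with the workaround above until the version is confirmed.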

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20090107-gss.shtml


CVE Name

CVE-2008-3819


References

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20090107-gss.shtml

SecurityFocus
http://www.securityfocus.com/bid/33152

Secunia
http://secunia.com/Advisories/33429/

SecurityTracker
http://www.securitytracker.com/alerts/2009/Jan/1021530.html

Last Updated 20-Jul-2011