CERT-MU Vulnerability Note VN-2009-24
Cisco Nexus 5000 Series Switches Remote TCP Denial of Service Vulnerability
Original Issue Date: September 15, 2009
Severity Rating: High
Affected Software
- Cisco Nexus 5000 Series Switches running Cisco NX-OS Software versions prior to 4.0(1a)N2(1)
Overview
A vulnerability has been reported in Cisco NX-OS Software that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
Description
The vulnerability is due to an error when the affected device processes certain TCP packets. An unauthenticated, remote attacker could force a TCP connection to remain in a long-lived state for an indefinite period. If enough TCP connections are forced into a long-lived state, resources on the system under attack may be consumed, preventing new TCP connections from being accepted and resulting in a denial of service (DoS) condition.
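One way to watch for the condition described above, as an added example that is not part of the original note or of Cisco's advisory: poll the connection table periodically and flag remote addresses that hold several connections whose state has not changed for a long time. The snapshot layout, the addresses, the TCP states shown and both thresholds are assumptions made for illustration; the note does not name the state involved, so the check is state-agnostic.

```python
from collections import defaultdict

# Constructed sample: periodic snapshots of a TCP connection table.
# Columns: seconds since first poll, local endpoint, remote endpoint, state.
# The layout is made up for this example; it is not NX-OS output.
SNAPSHOTS = """\
0    192.0.2.1:22 198.51.100.7:40001 ESTABLISHED
0    192.0.2.1:22 198.51.100.7:40002 ESTABLISHED
0    192.0.2.1:22 198.51.100.7:40003 ESTABLISHED
0    192.0.2.1:22 203.0.113.9:51000  ESTABLISHED
900  192.0.2.1:22 198.51.100.7:40001 FIN_WAIT_1
900  192.0.2.1:22 198.51.100.7:40002 FIN_WAIT_1
900  192.0.2.1:22 198.51.100.7:40003 FIN_WAIT_1
900  192.0.2.1:22 203.0.113.9:51000  ESTABLISHED
4500 192.0.2.1:22 198.51.100.7:40001 FIN_WAIT_1
4500 192.0.2.1:22 198.51.100.7:40002 FIN_WAIT_1
4500 192.0.2.1:22 198.51.100.7:40003 FIN_WAIT_1
4500 192.0.2.1:22 203.0.113.9:51000  ESTABLISHED
"""

def dwell_times(text):
    """Map (local, remote) to seconds spent in its current state at the last poll."""
    since = {}      # (local, remote) -> (state, time first seen in that state)
    last_seen = {}  # (local, remote) -> time of most recent poll listing it
    latest = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, local, remote, state = line.split()
        ts = int(ts)
        latest = max(latest, ts)
        key = (local, remote)
        if key not in since or since[key][0] != state:
            since[key] = (state, ts)  # state changed: restart the clock
        last_seen[key] = ts
    # Connections absent from the latest poll have closed and are ignored.
    return {k: latest - since[k][1] for k in since if last_seen[k] == latest}

def suspicious_remotes(text, max_dwell=3600, min_conns=3):
    """Remote IPs with >= min_conns connections unchanged for >= max_dwell seconds."""
    per_ip = defaultdict(int)
    for (_, remote), dwell in dwell_times(text).items():
        if dwell >= max_dwell:
            per_ip[remote.rsplit(":", 1)[0]] += 1
    return {ip: n for ip, n in per_ip.items() if n >= min_conns}
```

A single long-lived management session, like the one from 203.0.113.9 in the sample, stays below `min_conns` and is not reported.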
Solution
Apply the appropriate fixed versions as listed in the Cisco Security Advisory.
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
Vendor Information
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
CVE Name
CVE-2009-0627
References
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=18800
SecurityTracker
http://www.securitytracker.com/alerts/2009/Sep/1022847.html
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.