-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2014-016 Title: Multiple Vulnerabilities in Cisco IPS Software [1] Version history: 19.02.2014 Initial publication Summary ======= Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities: Cisco IPS Analysis Engine Denial of Service Vulnerability Cisco IPS Control-Plane MainApp Denial of Service Vulnerability Cisco IPS Jumbo Frame Denial of Service Vulnerability The Cisco IPS Analysis Engine Denial of Service Vulnerability and the Cisco IPS Jumbo Frame Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive or crash. When this occurs, the Cisco IPS will stop inspecting traffic. CVE numbers: CVE-2014-0718 CVE-2014-0719 CVE-2014-0720 Vulnerable systems ================== Cisco ASA 5500-X Series IPS Security Services Processor (IPS SSP) software and hardware modules Cisco ASA 5500 Series Advanced Inspection and Prevention Security Services Module (AIP SSM) Cisco IPS 4200 Series Sensors Cisco IPS 4300 Series Sensors Cisco IPS 4500 Series Sensors Original Details ================ The Cisco IPS Control-Plane MainApp Denial of Service Vulnerability could allow an unauthenticated, remote attacker to cause the MainApp process to become unresponsive and prevent it from executing several tasks including alert notification, event store management, and sensor authentication. The Cisco IPS web server will also be unavailable while the MainApp process is unresponsive, and other processes such as the Analysis Engine process may not work properly. What can you do? ================ There is a patch. [1] What to tell your users? ======================== N/A More information ================ [1] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips Best regards, CERT-EU (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJTBjFJAAoJEPpzpNLI8SVo6hkP/2CrwdZ6Z3SUZeolwZ44z9s1 6I7YHskR73wVHTUoN0T3MNIwVErvmAk4vIpHLuSYro1P++o2019sBtibCIW5i+d5 tZ6t/oOHj26BgCPuqUkTjjnMtS91A2c1Hl5xk/SscjtnR7eW+EPFWVt/A4ZIiIIq roxH0qy3wkfjDRdUFKqDyTuz2q10JuCSYrZ4kzyiQJWHQo7nnUPi948V34JmMeEl lrqtftsCFwTi0fuU3R2muNJHdWlUnLyDznR3LWCv9LzfAj9MQpLcVUGgNJqe9ans 9rDfF7snG0JpeoPLCNdID21Suu0RduPumsdrmwNSyxSrKQHDpSQNffwEfonN160H j6KDf6CU3HLON7vpl0old5e3pEaulxJDPQpk4GljWNwqmZGyTvtUKGmvMDWLex4U aEmQit0Ko+4QCZiXu61+b2ZmdqntnV+VE44h1hu7YtlYTnW7ExtYE6eL4LCs+Egh afrb+2sVpGY4MYCPy13khHv7B0KgYvaTL6NXeXR9Q83LCmXQ/4/y7BvT4Tu4xkXD UraUO5Xf9pQAfdMnMvOg0GA4um3KZfcD628FFstfXg9BZ88yMT16ciHZr8x1z4kW u5E0DQwTaYS4qSgNwi0M26gqoQY1wpcqKzzBi1tuDMxMb6dRoBEPlAVamK9DIcqS MtZOpfkA02n4WkqhzAVx =xBs4 -----END PGP SIGNATURE-----