Vigil@nce - Cisco Content Services Gateway: denial of service via ICMP
July 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send ICMP packets to a Cisco switch with SAMI and
Content Services Gateway Second Generation, in order to stop it.
Severity: 2/4
Creation date: 06/07/2011
IMPACTED PRODUCTS
– Cisco Content Services Switch
– Cisco IOS
DESCRIPTION OF THE VULNERABILITY
A Cisco switch can have a SAMI (Service and Application Module for
IP) card/module.
The SAMI module can host several applications:
– Cisco Gateway GPRS Support Node (GGSN)
– Cisco Mobile Wireless Home Agent (HA)
– Cisco Wireless Security Gateway (WSG)
– Cisco Broadband Wireless Gateway and Cisco IP Transfer Point
(ITP)
– Cisco Long Term Evolution (LTE) Gateway
– Cisco Content Services Gateway Second Generation
An attacker can send ICMP packets to a Cisco switch with SAMI and
Content Services Gateway Second Generation (CSG2), in order to
stop it. Other SAMI applications are not impacted.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-Content-Services-Gateway-denial-of-service-via-ICMP-10816