Vilgil@ance: Cisco CSM, memory leak
May 2008 by Vigil@nce
An attacker can progressively generate a denial of service by creating a memory leak of Cisco Content Switching Module.
Gravity: 1/4
CVSS: 6.1/10
Consequences: denial of service of computer
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 14/05/2008
Identifier: VIGILANCE-VUL-7830
AFFECTED PRODUCTS
– Cisco Catalyst versions 65xx, 76xx [avec Cisco CSM]
– Cisco IOS versions 12.0, 12.1, 12.2, 12.3, 12.4 [avec Cisco CSM]
Similar products or versions inferior to those indicated may also
be affected.
DESCRIPTION
The CSM (Cisco Content Switching Module) and CSM-S (CSM with SSL)
modules are integrated in Catalyst for load balancing.
However,
– when CSM/CSM-S is configured for a layer 7 load balancing, and
– when balanced servers do not accept TCP connections (are overloaded), and
– when TCP packets with specific flags are received then a memory leak occurs in the module.
Over time, this memory leak makes the system unusable, which
creates a denial of service.
CHARACTERISTICS
Identifiers : 105450, cisco-sa-20080514-csm, CSCsl40722, CVE-2008-1749, VIGILANCE-VUL-7830 CVSS score: 6.1/10