[security-alerts] FW: [SA25199] Cisco IOS FTP Server Multiple Vulnerabilities

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

>       
> TITLE:
> Cisco IOS FTP Server Multiple Vulnerabilities
> 
> SECUNIA ADVISORY ID:
> SA25199
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/25199/
> 
> CRITICAL:
> Moderately critical
> 
> IMPACT:
> Security Bypass, DoS, System access
> 
> WHERE:
> From remote
> 
> OPERATING SYSTEM:
> Cisco IOS 12.x
> http://secunia.com/product/182/
> Cisco IOS 11.x
> http://secunia.com/product/183/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in Cisco IOS, which can be
> exploited by malicious users and malicious people to bypass certain
> security restrictions, cause a DoS (Denial of Service), or
> potentially compromise a vulnerable system.
> 
> 1) An unspecified error exists in the IOS FTP server when verifying
> user credentials, which can be exploited to bypass user
> authentication.
> 
> 2) An unspecified error exists when transferring files via FTP, which
> can be exploited to cause a DoS (Denial of Service).
> 
> Successful exploitation may allow an attacker to retrieve any file
> from an affected system (including startup-config), cause IOS to
> reload, and potentially execute arbitrary code, but requires that the
> FTP server is enabled, which is not the default setting.
> 
> The vulnerabilities are reported in IOS version 11.3, 12.0, 12.1,
> 12.2, 12.3, and 12.4 containing the FTP server feature.
> 
> SOLUTION:
> The vendor has issued an update that removes the FTP server ability.
> As a workaround, it is possible to disable the FTP server by
> executing the following command in configuration mode: "no ftp-server
> enable". See vendor advisories for more details.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Reported by the vendor.
> 
> ORIGINAL ADVISORY:
> http://www.cisco.com/en/US/products/products_applied_intellige
> nce_response09186a00808399ea.html
> http://www.cisco.com/en/US/products/products_security_advisory
> 09186a00808399d0.shtml
>