Risk: High
The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely exploitable buffer overflow condition.
Affects:
- 12.3 based trains
- 12.3T based trains
- 12.4 based trains
- 12.4T based trains
Products Confirmed Not Vulnerable:
- Products that are not running Cisco IOS are not affected.
- Products that are running Cisco IOS versions 12.2 and earlier (including 12.0S) are not affected, excluding 12.2ZH and 12.2ZL.
- Products that are running Cisco IOS are not affected unless they are configured for Firewall Authentication Proxy for FTP and/or Telnet Sessions.
- Products that are running Cisco IOS XR are not affected.
No other Cisco products are currently known to be affected by this vulnerability.
Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.
Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected. Only devices running certain versions of Cisco IOS are affected.
Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml.
Successful exploitation of the vulnerability on Cisco IOS may result in a reload of the device or execution of arbitrary code. Repeated exploitation could result in a sustained DoS attack or execution of arbitrary code on Cisco IOS devices.
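The scoping rules above (listed trains, plus the requirement that the authentication proxy be configured for FTP and/or Telnet) can be turned into a first-pass triage of collected `show version` and running-config text. This is an added example, not code from Cisco or from the advisory. The `ip auth-proxy name <rule> {ftp|http|telnet}` and interface-level `ip auth-proxy <rule>` syntax is assumed from general IOS usage rather than taken from this page, the sample inputs are constructed, and a "review" result still has to be compared against the fixed releases in the advisory.

```python
import re

AFFECTED_BASES = {"12.3", "12.4"}     # 12.3, 12.3T, 12.4 and 12.4T based trains
AFFECTED_12_2_TRAINS = {"ZH", "ZL"}   # the two 12.2 exceptions the advisory names
VERSION_RE = re.compile(r"Version (\d+\.\d+)\(\d+[a-z]?\)([A-Z]*)")
# Assumed IOS syntax (global): ip auth-proxy name <rule> {ftp|http|telnet} ...
RULE_RE = re.compile(r"^ip auth-proxy name (\S+) (ftp|http|telnet)\b", re.M)
# Assumed IOS syntax (under an interface): " ip auth-proxy <rule>"
APPLIED_RE = re.compile(r"^ ip auth-proxy (?!name\b)(\S+)\s*$", re.M)

# Constructed sample input, not taken from a real device.
SAMPLE_VERSION = "Cisco IOS Software, Version 12.3(11)T5, RELEASE SOFTWARE (fc1)"
SAMPLE_CONFIG = """\
ip auth-proxy name EDGE-AP ftp
ip auth-proxy name WEB-ONLY http
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip auth-proxy EDGE-AP
"""

def train_listed(show_version):
    """True if the version falls in a train the advisory lists as affected."""
    if "IOS XR" in show_version:      # IOS XR is stated as not affected
        return False
    m = VERSION_RE.search(show_version)
    if m is None:
        raise ValueError("no IOS version string found")
    base, train = m.groups()
    return base in AFFECTED_BASES or (base == "12.2" and train in AFFECTED_12_2_TRAINS)

def exposed_rules(running_config):
    """Auth-proxy rules that enable FTP or Telnet; HTTP-only rules are ignored."""
    applied = set(APPLIED_RE.findall(running_config))
    rules = {}
    for name, proto in RULE_RE.findall(running_config):
        if proto != "http":
            entry = rules.setdefault(name, {"protocols": set(), "applied": name in applied})
            entry["protocols"].add(proto)
    return rules

def triage(show_version, running_config):
    if not train_listed(show_version):
        return "train not listed"
    if not exposed_rules(running_config):
        return "listed train, FTP/Telnet auth proxy not configured"
    return "review: compare against fixed releases in the advisory"

if __name__ == "__main__":
    print(triage(SAMPLE_VERSION, SAMPLE_CONFIG))
```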