Cisco Security Advisory: 2 Vulnerabilities in Cisco SN 5420 Storage Routers

posted onAugust 2, 2001
by hitbsecnews

Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420.

There is no workaround for these vulnerabilities. It is possible to mitigate them by blocking access to ports 513 and 8023 on the network edge...

Posted on 2.8.2001

Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage Routers

Revision 1.0

For Public Release 2001 July 11 08:00 (UTC -0800)

_____________________________________________

Summary

Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release
up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack.
The other allows unrestricted low level access to the SN 5420.

There is no workaround for these vulnerabilities. It is possible to mitigate them by
blocking access to ports 513 and 8023 on the network edge.

The vulnerabilities are documented in Cisco Bug IDs CSCdu27529 and CSCdu27514.

No other Cisco product is affected by these vulnerabilities.

This advisory is available at
http://www.cisco.com/warp/public/707/SN-kernel-pub.html

Affected Products

Cisco SN 5420 Storage Routers running software release up to and including 1.1(3) are
affected by the vulnerabilities.

To determine your software release, type "show system" at the command prompt.

No other Cisco products are affected by these vulnerabilities.

Details

CSCdu27529
You can reboot the device by rapidly establishing multiple connections to TCP port 8023.

CSCdu27514
When logging into SN 5420 using "rlogin" or when connecting to the port 8023
from the GigabitEthernet or management interface, a user can access a developer's' shell
of the SN 5420. The user is not asked for a password. No other authorization is performed.
This shell is used during developing for testing.

Starting with software releases 1.1(4), this capability is removed from the software.

Impact

By repeatedly exploiting CSCdu27529, it is possible to prevent a user from accessing
storage, thus causing Denial-of-Service attack.

When logged into a developer's shell (CSCdu27514), users can execute debug commands, start
and stop processes, and interfere with the normal process execution. Users who are logged
in such a manner and all commands executed by them are not logged or shown using the
standard logging mechanism of the Cisco SN 5420 Storage Router.

Software Versions and Fixes

The vulnerabilities are fixed in the release 1.1(4) of the software, which is availabe on
CCO.

Obtaining Fixed Software

Cisco is offering free software upgrades to eliminate this vulnerability for all affected
customers. Customers with contracts should obtain upgraded software through their regular
update channels. For most customers, this means that upgrades should be obtained through
the Software Center on Cisco's Worldwide Web site at http://www.cisco.com.

Customers whose Cisco products are provided or maintained through prior or existing
agreement with third-party support organizations such as Cisco Partners, authorized
resellers, or service providers should contact that support organization for assistance
with the upgrade, which should be free of charge.

Customers without contracts should get their upgrades by contacting the Cisco Technical
Assistance Center (TAC). TAC contacts are as follows:

* +1 800 553 2447 (toll-free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com

Give the URL of this notice as evidence of your entitlement to a free upgrade. Free
upgrades for non-contract customers must be requested through the TAC.

Please do not contact either "psirt@cisco.com" or
"security-alert@cisco.com" for software upgrades.

Workarounds

There is no workaround for these vulnerabilities. It is possible to mitigate them by
blocking access to ports 513 and 8023 on the network edge.

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the
vulnerabilities described in this advisory.

These vulnerabilities were found internally during product installation.

Status of This Notice: FINAL

This is a final notice. Although Cisco cannot guarantee the accuracy of all statements in
this notice, all of the facts have been checked to the best of our ability. Cisco does not
anticipate issuing updated versions of this notice unless there is some material change in
the facts. Should there be a significant change in the facts, Cisco may update this
notice.

Distribution

This notice will be posted on Cisco's Worldwide Web site at http://www.cisco.com/warp/public/707/SN-kernel-pub.html.
In addition to Worldwide Web posting, a text version of this notice is clear-signed with
the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients:

* cust-security-announce@cisco.com
* bugtraq@securityfocus.com
* first-teams@first.org (includes CERT/CC)
* cisco@spot.colorado.edu
* comp.dcom.sys.cisco
* firewalls@lists.gnac.com
* Various internal Cisco mailing lists

Future updates of this notice, if any, will be placed on Cisco's Worldwide Web server, but
may or may not be actively announced on mailing lists or newsgroups. Users concerned about
this problem are encouraged to check the URL given above for any updates.

Revision History

Revision 1.0 2001-July-11 08:00 UTC -0800 Initial public release

Cisco Security Procedures

Complete information on reporting security vulnerabilities in Cisco products, obtaining
assistance with security incidents, and registering to receive security information from
Cisco, is available on Cisco's Worldwide Web site at http://www.cisco.com/warp/public/707/sec_incident_response.shtml.
This includes instructions for press inquiries regarding Cisco security notices.

The rest of the Cisco Security Advisories are available at http://www.cisco.com/go/psirt

_____________________________________________

This notice is Copyright 2001 by Cisco Systems, Inc. This notice may be redistributed
freely after the release date given at the top of the text, provided that redistributed
copies are complete and unmodified, and include all date and version information.

Source

Tags

Networking

You May Also Like

Other Articles In This Section

Recent News

Tuesday, July 9th

China's APT40 gang is ready to attack vulns within hours or days of public release
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
The president ordered a board to probe a massive Russian cyberattack. It never did.
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds

Wednesday, July 3rd

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Two of the German military’s new spy satellites appear to have failed in orbit

Friday, June 28th

Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Cisco Talos warns of wider security implications following Snowflake breach

Thursday, June 27th

I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
YouTube tries convincing record labels to license music for AI song generator
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk
Julian Assange to plead guilty but is going home after long extradition fight

Thursday, June 13th

Hackers show off jailbroken checkm8-vulnerable iPad and Apple TV running iPadOS 18 & tvOS 18 respectively
One of the major sellers of detailed driver behavioral data is shutting down
Turkish student creates custom AI device for cheating university exam, gets arrested

Wednesday, June 12th

Chinese-Made Biometric Access System Has 24 Vulnerabilities
Apple and OpenAI currently have the most misunderstood partnership in tech
Adobe to update vague AI terms after users threaten to cancel subscriptions
China state hackers infected 20,000 Fortinet VPNs

Tuesday, June 11th

Russia Is Targeting Germany With Fake Information as Europe Votes
Apple announces macOS 15 Sequoia with window tiling, iPhone mirroring, and more
Apple integrates ChatGPT into Siri, iOS, and macOS
British police to scan 480,000 Formula 1 fans’ faces at Silverstone
Hackers steal “significant volume” of data from hundreds of Snowflake customers

Friday, June 7th

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope
FCC pushes ISPs to fix security flaws in Internet routing
Can a technology called RAG keep AI models from making stuff up?
How to Lead an Army of Digital Sleuths in the Age of AI

Thursday, June 6th

Mystery object waits nearly an hour between radio bursts
Apple refused to pay bug bounty to Russian cybersecurity firm Kaspersky Lab
Ex-Microsoft security expert torches Windows' new 'Recall' feature
The Age of the Drone Police Is Here

Wednesday, June 5th

Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File
TikTok Hack Targets ‘High-Profile’ Users via DMs